Popular Reviews

Adware Removal

» Adware Removal

Rogueware Removal

» Rogueware Removal

Keylogger Removal

Fix PC Errors

Helpful Definitions

Learn More

» Learn More

Antispyware Reviews

Registry Cleaner Reviews

Firewall Reviews

Spam Filter Reviews

Antivirii 2011


5th January 2012 

Antivirii, a New Species in the Rogue Antivirus Family

Security is a top priority with every computer owner and user.  Without an effective and reliable antivirus program, we cannot bank, shop, research, communicate, watch videos, or browse freely.  We need security in order to safeguard our machines, our data, and our privacy.  For every great security program on the market, there are a handful of rogue antivirus programs that seek to exploit our need for protection.  Rogues like Antivirii 2011 want us to believe our systems are under siege and that we need to buy their protection.  Save your money and learn to spot rogue antivirus programs.

What is Antivirii 2011?

Despite new versions, rogue antivirus programs typically behave in the same ways.  Antivirii 2011, a member of the Antivirus Clean 2011 family of rogues, is no different.  It relies on popup ads and false security scans to convince users that their computers are facing several severe threats.  The answer, they are told, is to purchase the “full protection” of their software.  While this can be intimidating and frightening for users, it is important to remember that this rogue cannot scan your computer.  Any “threats” it claims to find are actually harmless files it has created itself.  More importantly, this program cannot provide removal or protection from future threats.

Signs of a Rogue Antivirus Program

After a rogue enters a computer, it goes through a period during which it appears inactive.  During this time, there are no noticeable signs that anything is wrong, but the rogue is modifying security settings in order to run undetected.  After it has done this, and created the harmless files it will claim are threats, you will begin to realize that your machine is not running optimally.  It may run more slowly than usual, have unfamiliar icons in the system tray or desktop, or you may get more frequent redirects when you are trying to browse online.

The most characteristic and unmistakable signs that a rogue has affected your computer are false security scans and popup ads.  The scans are designed to imitate those from legitimate security programs.  You will see “Antivirii 2011” written in small print at the top of the window, as well as in larger print in the center.  The rogue uses a familiar blue and yellow shield icon to create the illusion of legitimacy.  The window indicates that the rogue has scanned your system and found several severe threats, including worms, Trojans, and rootkits. 

On the left side of the window are the options:  Virus Scan, Update Center, Firewall, and About.  You also have the option to “Register” your unlicensed version in order to get full protection and “Remove All” threats.  Clicking any of these options will lead you to a website on which you are urged to purchase the rogue and prompted to enter your credit card information.  Never do this, and close all of these windows using the Task Manager.

The popups pose as security alerts.  These balloon-style messages may appear when you are browsing or when you click on those unfamiliar icons on your desktop or system tray.  Typical examples include:

Your computer is in danger!

Antivirii 2011 has detected some serious threats to your computer!

These viruses need to be eliminated immedeately [sic]!  Please click this icon to remove threats.

Your system is infected!

Your computer is compromised by hackers, adware, malware, and warms!

Antivirii 2011 can remove this infection. Please click this icon to remove threats.

Both the scan results windows and the popups are nothing more than ads; there is no threat to your computer except for the presence of the rogue antivirus program.

 

 

How Does Antivirii 2011 Access Your Computer?  

 

There are two versions of most rogue antivirus programs: the free or trial version and the paid version.  There is no difference between the two in terms of capacity: neither can scan, detect, nor remove threats.  The trial version is downloaded via Trojan. This can happen in any number of ways: you may, for instance, want to download a free video.  A popup tells you that you need to install a video codec in order to view the video.  You do so, but this allows the Trojan to enter.  Once inside, it can deposit malware, including Antivirii 2011.  Trojans often lurk in sites that have gaming, adult, pirated, freeware, shareware, or trending content.

 

 

The paid version has to be user-installed.  This happens when the free version has become downloaded into the system and the user is inundated with popups and warnings.  Wanting to remove threats and protect the system, the user opts to purchase the software.  Unfortunately, this is a waste of money because these programs are not able to offer protection.  Even worse, after purchase, you will still see all of those popups and false scans.

 

Antivirii 2011 Removal

 

 

Regardless of which “version” you have, it is important to remove Antivirii 2011 as quickly as possible.  Not only are the popups irritating, rogues interfere with basic operation and can leave your computer open to other security threats.  The first reaction many users have is to run their antivirus scan.  This is ineffective because rogue antivirus programs are not classified as viruses, so it is unlikely that your security program will pick it up.  Further, the rogue has altered your security settings and has hidden itself in your registry. 


Another common removal attempt is to use the Uninstall feature.  This can eliminate surface traces of the rogue, but it will not remove every file or key associated with it.  This means that Antivirii 2011 can reinstall itself after reboot.  If these basic attempts do not work, what can the user do?

   

·     Manual removal.  For those with experience working with their system registry, manual removal can be effective.  There are risks however, such as inadvertently deleting necessary files and damaging the computer or failing to remove every file or registry key.  If you attempt this, make a backup first and contact us for help if you need with the following instructions.

 

·     Automatic removal. This is easier and requires only that you can run a software program.  Using Malwarebytes Anti-Malware (Malwarebytes has free malware removal) or Enigma's SpyHunter, you simply install the program and let it detect and remove the rogue thoroughly and safely.

 

 

Stop Processes: 

czwcldnm.exe
Antivirii_2011_Setup.exe
%Windows%\antivirii.exe
%Windows%\[random].exe

Delete Files:

%Windows%\[random].exe
czwcldnm.exe
Antivirii_2011_Setup.exe
%Windows%\antivirii.exe

Delete Registry Entries:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe "Debugger"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Security"

 

 



We are affiliated with some of the legitimate programs recommended on this website. Should you choose to use the programs recommended here, we may receive a fee that will help support the site.

NEWS | ARTICLES | REVIEWS | CONTACTS | LINK TO US
All content copyright 2006-2017, RemoveAdware.com.au. Author: Wayne Davis.
All Rights Reserved. All trademarks and company brand names are acknowledged.
Privacy Policy | Terms Of Service