Description of Windows Antivirus 2011 and consequences of its residing on your PC’s

Windows Antivirus 2011 is perceived by many users as integral inseparable utility in the aforementioned OS. Such effect is achieved thanks to the adware name, as well as abundance of verbal and graphical references to Microsoft and its products. The situation in some instances went as far as to associating by users of the annoyance caused by the above adware with the corporation it mentions to make its lie more trustworthy as some users asked how could it happen that a company of worldwide renowned name concocted and marketed such a nasty program.
It is quite a common practice to assign names of famous products and businesses to counterfeits. Hence this case is just another counterfeit that conceals insidious design under the name which is by default beyond any suspicions.
Remove Windows Antivirus 2011 as it is not an official security tool for the operating system, which name it bears only to defame. Multi-purpose free scanner is available here for easy detection and extermination of the adware and real viruses.

Technical Details and screenshots:

  • Full name: Windows Antivirus 2011, WindowsAntivirus 2011, Win Antivirus 2011
  • Type: Rogue anti-spyware
  • Origin: Russian Federation, Belarus

Signs of being infected with Windows Antivirus 2011

There are multiple schemes in place serving the adware distribution. These interlace in some points. For instance, the adware could be downloaded from website devoted to its inexistent features. The features do not exist in the sense these are specified at the adware description, but not realized in the wild.
The website itemizing those phantom features is a part of at least two schemes. One scheme implies that a visiting machine is already infected, for the browser targeting infection brings user to the fake antispyware website. Another one does not require any infection integrated into targeted PC as it is a website redirect trap that draws visitors to the malware dedicated page.
As a conclusion, case 1 means the visiting machine is already infected, i.e. the page suggesting you the program named Windows Antivirus 2011 is a sign of partial infection integration into computer memory while case 2 does not point at any infections at visiting PC.
Once the adware installation is completed, it runs according to one and same schedule and displays the same windows. Deviations have not been observed.
Click here to get rid of Windows Antivirus 2011 adware or preliminary infection, or just to run free scan in order to ensure your PC is free of infections, or else delete the parasites detected.

Windows Antivirus 2011 automatical removal:

The fake antivirus is capable of arranging partial or complete disordering of web-browser, which might render the below link inaccessible. To fix the issue, just initiate rebooting, and press F8 continuously before system loading to get the list of alternate modes for operating system. Use arrow keys to select Safe Mode with Networking, and try using below link again.

Windows Antivirus 2011 Removal Tool

Manual Removal of Windows Antivirus 2011:

The manual guide for Windows Antivirus 2011 removal does not cover other viruses. It is a principle difference with the above recommended automatic extermination, for impaired system protection caused by the adware activities has doubtlessly provided great opportunities for other infections introduction.

Remove Windows Antivirus 2011 files and dll’s:

%UserProfile%\Start Menu\Programs\Windows Antivirus 2011.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Antivirus 2011.lnk
%UserProfile%\Application Data\Windows Antivirus 2011\Instructions.ini
%UserProfile%\Application Data\Windows Antivirus 2011\cookies.sqlite
%UserProfile%\Application Data\Windows Antivirus 2011
%UserProfile%\Start Menu\Windows Antivirus 2011.lnk
%UserProfile%\Desktop\Windows Antivirus 2011.lnk
C:\Documents and Settings\All Users\Application Data\23077d\CB130_287.exe

Unregister Windows Antivirus 2011 registry values:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
HKEY_CLASSES_ROOT\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
HKEY_CLASSES_ROOT\pezfile

Windows Antivirus 2011 Remover with free scan