AV Protection 2011 - How To Remove?

Type: Rogue Anti-Spyware

AV Protection 2011 is a dangerous rogue anti-spyware that pretends to be legitimate tool important for computer’s security. Most of the users fall into thinking that it is a truly good way to protect their computers against viruses and pay for its faked licensed version. However, purchasing ‘licensed’, ‘full’ or whatever it is called AV Protection 2011 version is not a right decision – we must warn you that this scamware will additionally infect your PC with more viruses and will start playing havoc on it. As soon as you notice it on your computer, remove AV Protection 2011 using legitimate anti-spyware program, such as Hitman Pro or spyhunter.

As soon as it manages to get inside the PC, AV Protection 2011 starts displaying tons of virus reports. All its alerts and scanners declare the same thing: your PC is infected and you must purchase removal services from it. In reality, all these ‘viruses’ are legitimate your system files or the ones that are secretly dropped by AV Protection 2011 once it manages to get on your computer. Be sure that they have nothing to do with a real your computer’s situation and keep in mind that you must simply ignore those alerts. Hailing from the same malwares’ family as System Security 2012 or Guard Online, this scamware displays such alerts:

svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.

Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Publisher: Unauthorized

Warning! Infection found
Unauthorized sending E-MAIL with subject “RE:” to <fake email here> was CANCELLED.

Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.

Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.

Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.

You may ask how AV Protection 2011 is distributed. The way how it gets inside is very simple: it bypasses security barriers of the system with a help of Trojans. Of course, licensed anti-virus and anti-spyware versions help to avoid such infiltration because your system is prevented from security holes that are used by Trojans to enter it. As you can see, AV Protection 2011 is a totally malicious program because it scares you into believing your PC is not safe and then tries to convince you that you need to register its licensed copy. This sort of strategy is normal for rogue anti-spyware programs, so make sure you remove AV Protection 2011 ASAP before it downloads more malwares into it. Follow the steps given below:

1. Download process explorer and safe it on desktop. Rename it to iexplore.exe (or iexplore, if you do not see file extensions). Disable proxy server in your browser.
2. Execute process explorer and look for garbage processes that run from C:\Windows\System32. The name would be like lvvm.exe, 23gwGSGD23523.exe or similar (it has to contain many letters and digits). Stop the process and write down the exact path. Once you stop correct processes, the malware windows will close and icon will disappear.
3. Delete the files you have stopped in the previous step.
4. AV Protection 2011 comes with other trojans usually. Scan your PC with spyhunter, Malwarebytes Anti-Malware for remaining malware processes and files. Full versions of these programs would have protected from AV Protection 2011 infection and saved some time.

Automatic AV Protection 2011 removal tools

Note: Reimage trial provides detection of parasites and assists in their removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.  We might be affiliated with some of these programs. Full information is available in disclosure

Manual removal


Important Note: Although it is possible to manually remove AV Protection 2011, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Reimage or other tools found on 2-viruses.com.


AV Protection 2011 screenshots


About the author

 - Passionate web researcher

I have been working with 2-viruses.com project for a while now and I would like to think that our research team has managed to raise awareness about cyber security. I study the newest infections, help out with manual instructions and answer questions that our users might have.

November 18, 2011 10:57, December 21, 2011 12:54

9 thoughts on “AV Protection 2011

  1. My computer is infected with this, but sometimes it says that the internet is infected and it wont let me go into the internet, But i tried a couple times and it finally did. Ughh, Ima try to get this off. Thanks.

  2. okay, so my computer was, maybe is, infected with this about 20 minutes ago. I immediately knew it was a virus and I took immediate action, but I wasn’t sure exactly what to do since I’m only 16. After 15 minutes of trying to unsuccessfully download a legitimate anti-spyware/malware program, it starting popping up annoying crap all over the screen and I got really scared so I manually shut my computer down, and then when I rebooted it I used System Restore to restore it to about a week ago. I checked and the program isn’t there anymore, but at least 1 of the files is (it’s a file saying that there’s a shortcut to the program from the desktop, which there isn’t anymore) and when I tried to delete it, it said “could not find this item.” Am I safe or should I take more precaution?

  3. AV PROTECTION is a nasty virus, it infected my computer today, and here are the steps i used to get rid of the Virus, Pop-Ups, and spyware screen whioh kept showing when i tried to reboot several times.

    1. run system restore to about a week back, windows 7 will show the dates you can go back to.
    2. i use http://www.avg.com free antiviurs and it found the virus, it had infected like 3 major component files on my computer. it removed them.
    3. run a program called malware bytes which is also free, and it found 2 infected files and removed them.

    Hope this helps.

  4. I got this on my older system, apparently from a streaming sports site. My biggest problem is that it seems to have disabled my mouse and keyboard. I plugged in a USB mouse and tried to use a program downloaded on this laptop, but had no luck. Plus I don’t know how to get into safe mode on boot without the keyboard. While all my symptoms are the same as described here and at other sites, the disabling of the mouse and keyboard seems to be new. In any event, I’ve disconnected the infected system from the Internet, and given the complicated manual removal process, I’m thinking that a professional removal might be the best bet.

  5. i had the same problem happen, is avast a good enough antivirus or should i get spydoctor as well, and if i do will they interfere with one another?

  6. LVVM.EXE. I got file lvvm.exe into my computer and deleted it manually (stopped process using processes manager and deleted file from folder application data/roaming). There were also some files and running processes under names similar to 07R01.exe – so i deleted them as well since they looked very suspicious for me. Then i reboot pc and eventually disclosed that all my web-browsers are no longer able to download web-pages. All of them give error message something like access denied due to proxy problem. At the same time outlook worked and i was able to send/receive emails.
    The solution in my case was to recover system to the date which is you feel prior to the date when you got infected with this file.
    Good luck.

Leave a Reply

Your email address will not be published. Required fields are marked *