Another fake-av site detected.

Most likely it would be gone regardless of what is posted here.

People behind these rogues are criminal ***wipes to whom I would love to introduce myself (in the most physical manner possible).

I’d love to call them stupid, but that would be false. They are savvy, and know how to stay on the move.

It looks like it is the same people. The “Scare” site always shows up as the same and tries to get you to install a program called Antispy2011.exe

I have no idea which Ad/Banners are doing it though.

I went to the link again to see if it was down or up… and it is up… but the virus tried to install on my PC! But avast blocked the virus from downloading! Thank you so much avast! :)

Hi folks,

This one is also not detected at VT:
hxtp://antivirus-program-2011.ce.ms/fast-scan
VT scan: http://www.virustotal.com/url-scan/report.html?id=9fa26859f2d3ca0d5485e60aeecf622f-1303732030
VT file scan:
http://www.virustotal.com/file-scan/report.html?id=8445f95b1231d462f181ce570023c501a3046a571e224947757d886f6f8095e1-1303739616
Strange to be found benign here: http://wepawet.iseclab.org/view.php?hash=9fa26859f2d3ca0d5485e60aeecf622f&t=1303739892&type=js
Obfuscated and wrapped-protected online (see big chunk of obfuscated code).

see WOT warning: http://www.webutation.net/go/review/antivirus-program-2011.ce.ms

polonus

And the rogue is only detected by Prevx:
http://www.virustotal.com/file-scan/report.html?id=9e05babb97a2bc788887e8c7fe63a8c3be1e12d6a89adb4102ca4f0825fa937e-1303743574

Malwarebytes detects it as Trojan.FakeAlert.PGen

Sample sent to avast ;) and SUPERAntiSpyware

Hi Pondus,

We are right on it, man, Kaspersky now also detects this as HEUR:Trojan.Win32.Generic,
see for the newer scan results:
http://www.virustotal.com/file-scan/report.html?id=9e05babb97a2bc788887e8c7fe63a8c3be1e12d6a89adb4102ca4f0825fa937e-1303743685 2 /42 (4.8%)

pol

P.S. We need to have this detection added, because this malware is destructive to System32 files and then the computer will not start up anymore, meaning a re-install.

D

And Norman, but the signature is not released yet. Already detected as W32/Crypt.AVFO

Hi Pondus,

Another one not detected by avast and norman:
Fake av at hxtp://getip-string02.tk/
VT scan: http://www.virustotal.com/url-scan/report.html?id=7e7ce8aa583331ce372ae657dae41a69-1303831762
detected by Bitdefender…
VT file scan: http://www.virustotal.com/file-scan/report.html?id=465186de9157139f2197a618cda2c461790fa5c52ec3ab68dcc114deb180f7df-1303839353 3/ 41 (7.3%)

polonus

And not detected by Malwarebytes.

Will send sample ;)

EDIT: the rogue is detected by avast:

http://www.virustotal.com/file-scan/report.html?id=779abf32ddcad236c09d9937b988332ee4631990a76cd1ac7ca0087a4e9dc08d-1303839832

Is this a fake av? Scanned here: http://wepawet.iseclab.org/view.php?hash=3387298540e82cf340508865a49b26b8&t=1303856097&type=js

VT url analysis: http://www.virustotal.com/url-scan/report.html?id=3387298540e82cf340508865a49b26b8-1303849006

VT file analysis: http://www.virustotal.com/file-scan/report.html?id=4193f2ef35f027d3947705aab2aa6f8e8aeb84220d9383123d3f48f063ed0da3-1303856209 (not detected)

See: http://vscan.urlvoid.com/file/bdd6fcfdfc7b324724e5a101c7c3b908/YWxlcnRzLWNsaWVudC1hbGVydHNjbGllbnQtc2gt/

Detected as dangerous site on 3 instances: http://www.urlvoid.com/scan/instantspywareremoval.com

polonus

Polonus, I have a quick question… If I got a pop-up to download the program on instantspywareremoval, does that mean I have a virus? Or is the program safe?

The website you listed looks like it wants people to download PCSafeDoctor. I searched Google and found a website that has PCSafeDoctor on it also: hxxp://www.pcsafedoctor.com/ I wonder if the program is malware or not.

You may ask in the Malwarebytes forum… they usually know… if not, they are quick to find out.

Concerning pcsafedoctor, re: http://www.mywot.com/en/forum/11030-pcsafedoctor

polonus

My friend on Twitter asked @Microsofthelps about the instantspywareremoval site, and here is their tweet about the program:
http://twitter.com/#!/MicrosoftHelps/status/63258439857602560

You will never be infected by downloading a malware to your computer; the only way that it can infect your computer is if you execute the application. You can save all the malware you want to one folder on your computer, and you won’t be infected. You can visit an exploited web site (fake av warnings in this case) and the site tells you that it found infected files on your computer, but these warnings are fake and your computer is not really infected. Of course, there are exploits that are able to infect you without your concern; this happens when you have your programs and OS out of date. These opportunities are known as “vulnerabilities”.

Hi Llanziek,

Read this here: PCSafeDoctor - http://www.mywot.com/en/forum/11030-pcsafedoctor
The program can detect, but for cleansing you need a paid version.

polonus

That’s right. I experienced similar situations with AdwareAlert and SpywareCease. The difference among fake av applications is that some are less annoying, and some do not take complete control of the computer (like the above mentioned, convincing people that the application is safe and real).

Most of the ones I have been getting are targeted at Windows XP/Vista.

See: http://wepawet.iseclab.org/view.php?hash=7ba4727cec0c40dde931c239ccb66e72&t=1304424653&type=js
Nothing detected…
From the same domain: Trojan FakeAlert. Rogue AV ‘Security Shield’, see:
VT scan: http://www.virustotal.com/file-scan/report.html?id=8ed62f6f3bed2e23d1eec91ab1d85c9078423bbcea89b3a80b91669444e1e842-1304338934 aka variant of Win32/Kryptik.NGV
See: http://vscan.urlvoid.com/file/3cb045915778215e2fced65afb8434d7/aW5kZXgtcGhw/
Decode error on file download… f608b4d5a024e24c409a44da09262497, 194 bytes…

polonus