NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  
Title: XP Anti-Virus 2011
Type: Rogue Antispyware
Also known as: XP AntiVirus 2011, XP Anti-Virus

Remove XP Anti-Virus 2011
Removal instructions

by
 
Severity scale:XP Anti-Virus 2011 severity is 63  (63 / 100)
 
XP Anti-Virus 2011 is a rogue anti-spyware program which applies the basic tricks of scams from this category. Though it declares to be a powerful virus remover, keep in mind that this program is the only one that needs to be eliminated because it reports invented viruses. The rogue program will pretend to scan your computer and immediately will report numerous viruses. Some of its alerts may state about Trojan-BNK.Win32.Keylogger.gen threat for making you scared and push into purchasing its license which will be offered additionally. Pay attention to the fact, that XP Anti-Virus is dangerous and has nothing to do with system security!

XP Anti-Virus 2011 program has been manipulating people into believing it is useful software. However, this rogue anti-spyware mostly penetrates into a random computer system without the user’s knowledge and approval and opens the backdoor of the system to let more threats or allow the scammers to reach your personal information. All this is done with a help of Trojans that infect vulnerable systems through fake online scanners. As you can see, you should not believe XP Anti-Virus 2011 and its spyware detection reports as they are fabricated and have in fact nothing to do with the true condition of machine. Don’t buy this software though it will definitely promise to fix your computer, but remove XP Anti-Virus 2011.

SPECIAL NOTES FOR XP ANTI-VIRUS (2011) REMOVAL:

1. Firstly, type this registry code into its manual registration section to disable alerts interrupting when trying to remove malware: 1147-175591-6550 .

2. If this fails, reboot machine into Safe Mode with networking with a help of F8, launch task manager and stop all 3-letter named processes, also processes named like garbage.

3. Search for malware files on hard disk and delete them, edit registry. You can also use automatic removal program or Spyware Doctor for the last action.

4. Reboot, update your antivirus programs (preferably to internet security versions) and scan again. Make sure you got all the trojans out


Related files: [random].exe

XP Anti-Virus 2011 properties:
• Changes browser settings
• Shows commercial adverts
• Connects itself to the internet
• Stays resident in background

XP Anti-Virus 2011 snapshot:
XP Anti-Virus 2011 removal

Automatic XP Anti-Virus 2011 removal:

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
By Downloading any provided Anti-spyware software to remove XP Anti-Virus 2011 you agree to our privacy policy and agreement of use.
remover for XP Anti-Virus 2011
SpyHunter is recommended remover to uninstall XP Anti-Virus 2011. You should confirm using free trial that it detects current version of parasite.

Note: Tested and Confirmed means that we have tested spyware remover with multiple versions of XP Anti-Virus 2011 and got the best results. There might be updated or modified version of particular parasite that require manual killing of parasite process or an update. In such case try other removers in the line.

Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manul removal instructions below.

If you failed to remove XP Anti-Virus 2011 using SpyHunter please report this to us.
Malwarebytes Anti Malware
Download | review
Tested and Confirmed! Malwarebytes Anti Malware removes XP Anti-Virus 2011 (2011-02-22 07:39:40)
STOPzilla
Download | review
Tested and Confirmed! STOPzilla removes XP Anti-Virus 2011 (2011-02-22 07:39:40)
Spyware Doctor
Download | review | tutorial
We are testing Spyware Doctor's efficiency at removing XP Anti-Virus 2011 (2011-08-05 19:45:35)
XoftSpySE Anti Spyware
Download | review

XP Anti-Virus 2011 manual removal:

Kill processes:
[random].exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USERSoftwareClasses.exe "(Default)" = 'exefile'
HKEY_CURRENT_USERSoftwareClasses.exe "Content Type" = 'application/x-msdownload'
HKEY_CURRENT_USERSoftwareClasses.exeDefaultIcon "(Default)" = '%1' = '"%UserProfile%Local SettingsApplication Data[random].exe" /START "%1" %*'
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USERSoftwareClasses.exeshellrunascommand "(Default)" = '"%1" %*'
HKEY_CURRENT_USERSoftwareClasses.exeshellrunascommand "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USERSoftwareClassesexefile "(Default)" = 'Application'
HKEY_CURRENT_USERSoftwareClassesexefile "Content Type" = 'application/x-msdownload'
HKEY_CURRENT_USERSoftwareClassesexefileDefaultIcon "(Default)" = '%1'
HKEY_CURRENT_USERSoftwareClassesexefileshellopencommand "(Default)" = '"%UserProfile%Local SettingsApplication Data[random].exe" /START "%1" %*'
HKEY_CURRENT_USERSoftwareClassesexefileshellopencommand "IsolatedCommand" = '"%1" %*'
HKEY_CURRENT_USERSoftwareClassesexefileshellrunascommand "(Default)" = '"%1" %*'
HKEY_CURRENT_USERSoftwareClassesexefileshellrunascommand "IsolatedCommand" - '"%1" %*'
HKEY_CLASSES_ROOT.exeDefaultIcon "(Default)" = '%1'
HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = '"%UserProfile%Local SettingsApplication Data[random].exe" /START "%1" %*'
HKEY_CLASSES_ROOT.exeshellopencommand "IsolatedCommand" = '"%1" %*'
HKEY_CLASSES_ROOT.exeshellrunascommand "(Default)" = '"%1" %*'
HKEY_CLASSES_ROOT.exeshellrunascommand "IsolatedCommand" = '"%1" %*'
HKEY_CLASSES_ROOTexefile "Content Type" = 'application/x-msdownload'
HKEY_CLASSES_ROOTexefileshellopencommand "IsolatedCommand" = '"%1" %*'
HKEY_CLASSES_ROOTexefileshellrunascommand "IsolatedCommand" = '"%1" %*'
HKEY_CLASSES_ROOTexefileshellopencommand "(Default)" = '"%UserProfile%Local SettingsApplication Data.exe" /START "%1" %*'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = '"%UserProfile%Local SettingsApplication Data[random].exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = '"%UserProfile%Local SettingsApplication Data[random].exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = '"%UserProfile%Local SettingsApplication Data[random].exe" /START "C:Program FilesInternet Exploreriexplore.exe"'
HELP:
how to remove registry entries

Delete files:
[random].exe
HELP:
how to remove harmful files

Delete directories:
%AppData%[random]
%AllUsersProfile%[random]
%Temp%[random]
Phone Support to remove XP Anti-Virus 2011
Phone Support to remove XP Anti-Virus 2011

QR code for XP Anti-Virus 2011 removal instructions:

XP Anti-Virus 2011 qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like XP Anti-Virus 2011 are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall XP Anti-Virus 2011 right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

SYMPTOMS OF rogue antispyware INFECTION

Rogue AntiSpyware virus enters your PC without your consent or using some sort of social engineering trick. Fake scanner pages, malicious mail attachments or system vulnerabilities are often used. 

Virus has a single goal: to gain money. Like other rogue anti-spyware applications, it will try to convince you that your system is infected with multiple parasites: trojans, adware, or other rogues. Typically, rogues do not provide enough detail about infections detected or show fake results. Rogue anti-spyware like XP Anti-Virus 2011 will not clean any actual infections for free.

Most of the parasites of this type do not have parasite detection engine thus every warning they show is a random one. If you see persistent popups or alerts, you can safely discard them. 

You should never pay for Rogue Anti-spyware application like XP Anti-Virus 2011 as it funds development of other computer parasites.

Information added: 2011-02-22 07:39:40
Information updated: 2011-08-05 17:08:20

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url
more resources
0
0
babu
great solution ra
2011 04 08
0
0
Dz4/12/11
Thanks. It helped me a lot.
2011 04 13
0
0
saby
I found that the executable that was triggering the xp antivirus 2011 pop-ups are epy.exe . I opened registry (by putting regedit in the "Run"), searched for epy.exe and removed all the entries. I found 4-6 entries. After that I do not have the menace in my laptop.
The people who create such malicious program are mentally sick.
2011 04 28
0
0
CAT
This junk got into my computer and would not let me run my virus scan or malwarebytes program. It then locked me out of my computer altogether. I am having my windows XP reinstalled as I write this on my desk top. I have had flashing warnings and popups on this desk top about the same virus. I guess it got into both of them. I was searching google for images of tropical pictures to use for my photo site when it showed up on one. I was searching for step by step instructions on google on how to highlight hair and then it popped up on this one. Darn this sucks. It is not that easy to just get rid of. I also did not buy the program that it was trying to get me to do. I ran my virus and malware just before it locked me up and it said all was fine.
2011 05 04
0
0
Hallie
Thats way the betsest answer so far!
2011 05 07
0
0
Joe
I had this virus on Windows XP and did the following to get rid of it:

1. Start - Run - Type "Regedit"
2. "Edit" - "Find" (search for the 3 letter random exe file)
3. Delete every entry that had the 3 letters and ".exe"
4. Example mine was "ipk.exe" so I deleted all that had that in the string. there were about 5-6 entries.
5. Download "MalwareBytes" and run a Full Scan (TWICE).
6. One scan will removed the virus code, but it will try to come back.
7. Run again until its clean.

Note: It could take hours to run
2011 05 13
0
0
dchappell128
Wow i was worried i wouldnt be able to sort this out, thanks alot man. Just one thing, should I buy some antivirus now?
2011 05 14
0
0
Shanique B.
Thank you guys SO much! I thought for sure my laptop was a goner!
2011 05 16
0
0
merckz
this definitely saved my hubbys computer! awesome, u guys!
2011 05 16
0
0
Catherine
Thank you , Thank you, Thank you!!!!!! Its good to know there are good people out there like you!!!!!!!!!
2011 05 28
0
0
Goutham
wowww.... Thank u so much ...... Its help me like awesome
2011 05 30
0
0
lawrence
Put the reg key no in as printed above and hopefully has solved problem
Thank You
2011 05 30
0
0
simon
I think i have got rid of this sick virus as far as i can see but has certenly left its mark. Most of my programs wont run, windos media, word etc, when i try to open such programs an "open with" box pops up but that dont work either.
Thought i would try a system restore but it seems to have disabled the restore wizard, or is there another way?
Thanking you in advance
Simon
2011 05 30
0
0
simon
Help how can i do a system restore after this virus, think it has disabled the restore wizard.
2011 05 30
0
0
jim
Thanks much, but if only it were so simple...

Just got hit with this on our Dell today and Ive got hundreds of rkr.exe processes running. Tried running < taskkill /f /im rkr.exe > from cmd without success.

Now the malware doesnt even launch providing the opportunity to enter the reg key provided. Safe mode or not, machine is just hijacked with blank windows flashing. Any thoughts greatly appreciated.
2011 08 05

Post Comment:

Attention: Use this form only if you have additional information about XP Anti-Virus 2011 parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Latest spyware news:
Subscribe to news

Similar parasites:
Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2 HijackThis Log Analyzer Beta 2

I failed to remove XP Anti-Virus 2011 using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Latest Spyware Threats: Smart Data Recovery | Smart Fortress 2012 | Antivirus Protection 2012 | Internet Security | Internet Security 2012 | System Check | Smart HDD | Security Shield
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds | Follow us | Like us
© 2001-2011 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.