Severity scale:  

XP Security 2011. How to remove? (Uninstall guide)

removal by Jake Doevan - -   Also known as XPSecurity2011 | Type: Rogue Antispyware

XP Security 2011 is another way created by fraudulent cyber community to deceive PC users into wasting their money. Besides, because this program is categorized as rogue anti-spyware, people are also tricked into infecting their computers if they run Windows XP. XP Security 2011 is a successor of the very similar programs called XP Internet Security 2010 or recently released Win 7 Internet Security 2011. XP Security 2011 spreads its freeware executables through a fake online scanning sites and misleading pop-up ads that can be randomly displayed when you browse on the web.

Once XP Security 2011 finds itself in your computer, it quickly modifies the registry and invents a number of files so that it could later find them as infections. Additionally, OS gets paralyzed and malware starts disturbing the victim with its fabricated scanners and intensely streamed misleading popup ads. The above alerts tell you that your system is in great danger because it’s being attacked by some extremely dangerous viruses, trojans, keyloggers and additional malware. These alerts say:

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.

The only reason why XP Security 2011 plays all this tricky game by reporting imaginary infections is to make you concerned about the status of your computer security. Having fallen in this campaign, XP Security 2011 malware asks to make a purchase of its registered version if you want to save your PC. Now it should be clear that you must avoid this trickery and don’t purchase it. Don’t believe its ads and remove XP Security 2011 from your computer.

UPDATE!!! One of PC security bloggers, S!Ri, has announced about a serial code that may help you to disable those malwares like XP Security 2011 that change their names according to OS they find. Enter this serial code when doing registration: 1145-17884799-7733. This and the order number 21197673 should also work for earlier versions of this type of parasite. After typing them, you should become able to use your anti-spyware, if it fails follow the guide written below. Be aware that these numbers are expected to change in the near future!

To remove XP Security 2011 you will need another PC, as removing it from safe mode with networking will not work in most of the cases.

a) Burn these programs to CD or write them to USB disk. You can use your MP3 player, or smartphone if it has storage functions. This parasite does not spread through USB at the moment:

1.STOPzilla or an automatic removal tool below. Update STOPzilla and run a full system scan.

2.You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.

b) Boot normally. Wait for XP Security 2011 to launch, and run exeregfix.reg . This should allow launching legitimate programs

c) Delete or remove the files that are mentioned in our files box. You can use STOPzilla to identify the infected files and additional infections or automatic XP Security 2011 removal tool. Do not forget update it before scanning. Remove what it finds.

d) Scan with STOPzilla and secondary tools and reboot your PC. This should fully get rid of XP Security 2011.

do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with SpyHunter.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions

  1. Guest says:
    February 18th, 2011 at 1:02 pm

    mine shows up as drw.exe

  2. Guest says:
    March 8th, 2011 at 5:03 pm

    mine showed at grt.exe

  3. Guest says:
    March 15th, 2011 at 12:03 pm

    mine shows up as fbb.exe

  4. Guest says:
    March 15th, 2011 at 2:03 pm

    mine turned out to be lsd.exe

  5. Guest says:
    March 25th, 2011 at 4:03 pm

    Mine shows as jbn.exe

  6. nmj says:
    March 25th, 2011 at 4:03 pm

    This appeared on a staff system as jbn.exe

  7. jcmj says:
    March 26th, 2011 at 1:03 am

    Mine was avc.exe

  8. Guest says:
    April 2nd, 2011 at 5:04 am

    Mine was also jbn.exe

  9. Guest says:
    April 2nd, 2011 at 1:04 pm

    mine was lar.exe.
    Could not run regedit or cmd from start/run.
    Had to create a .bat file with regedit inside and double click it.
    Once regedit opens, it's pretty simple.
    Just search for lar.exe (or whatever it is in your case) and remove all of them.

  10. Guest says:
    April 3rd, 2011 at 2:04 pm

    did a system restore fixed issue! this pcdoctor crap ia bullshit wants money like the rest nothing for free!

  11. Guest says:
    April 3rd, 2011 at 2:04 pm

    I logged onto a different account on the PC, then ran system restore. things are looking fine now.

  12. Guest says:
    April 3rd, 2011 at 2:04 pm

    does not work this way any longer tryed failes to launch the file spyware that was downloaded to a usb card. also no longer allows you on the web.

  13. Guest says:
    April 4th, 2011 at 7:04 am

    The code I just used was 1147-175591-6550 it works i.e the xp security 2011 goes through the removing sequence. I can use my internet explorer once again, however I cannot download any malware software, or even access system restore or add remove programs!

  14. Guest says:
    April 4th, 2011 at 12:04 pm

    thanks, the code is working

  15. Guest says:
    April 5th, 2011 at 11:04 pm

    Thank you for the .bat advice
    All solved. Mine was named jyn.exe

  16. Cheda says:
    April 6th, 2011 at 4:04 am

    To register use : 1145-17884799-7733 or 1147-175591-6550

  17. Bolovanel says:
    April 7th, 2011 at 2:04 pm

    mine was sbg.exe … so .. 3 letters . exe

  18. Rob says:
    April 8th, 2011 at 5:04 am

    Used hitman pro and it removed the problem.
    On my pc it was listed as fpv.exe
    All is well now

  19. joe says:
    April 10th, 2011 at 11:04 am

    on these 3 letter files how do you find and identify them. I have had this once got rid of it and went to reload adobe and it came back stronger neweer version

  20. Michael says:
    April 13th, 2011 at 9:04 pm

    A fellow worker has the file lve.exe and when I follwed these instructions to remove it – it came back stronger just like joe said. This time it even shut down applications that were running.

    Whats frustrating is we were running software that doesnt seem to be able to detect the virus.

  21. Syedz says:
    April 18th, 2011 at 7:04 am

    1147-175591-6550 activation code worked!
    but i cannot remove the program from my computer!
    help plz

  22. Mike says:
    May 9th, 2011 at 3:05 pm

    use the code and use hitman and it removed the problem…yay

  23. Rokon says:
    May 16th, 2011 at 9:05 pm

    Tried to use task manager to end process of all suspected 3 letter.exe file, but it didnt work. Fake warnings still kept appearing and the virus would not allow me to open Malwarebytes Anti-Malware or any other cleaning program. Ran “rkill” application that I obtained for free from to interrupt the process. Only then I was able to run the Malwarebytes Anti-Malware program and rid my computer of the infection. FINALLY! What a relief. I wasted a whole night on this damn virus. Hope this helps you to do it quicker.

  24. ted says:
    May 20th, 2011 at 1:05 pm

    This anti virus took control of my computer. I was finally able to rid my computer of it by loading the XP Windows CD at start up. It want through and corrected my defective registry. Once the computer booted up the virus attempted to come back but I did not select it. I ended it in task manager. Then I loaded my virus protection up dates and the problem want away.

  25. Rebz says:
    May 23rd, 2011 at 4:05 pm

    Well, mine was named blp.exe and it got so annoying at some point but I just did a backup of documents that I needed and made a new account in Windows and then deleted my old one and put the documents back where they were and it seems fine now. Everything works like new.

  26. Meg M says:
    May 25th, 2011 at 12:05 pm

    Thanks for the idea of getting on a different user. From another user I was able to run Malwarebytes and delete the little nastiness. But its left me with a problem. On the original user, any icon I click on – Outlook, Excel, Word it asks me what software I would like to use to open it. It says Error – Application Not Found. Help?

  27. Subhas says:
    June 8th, 2012 at 9:32 pm

    I got this @Miintx3 I got this sucker like a month ago, and it semeed to be a bigger badder version of all versions based on its ability to ignore all removal suggestions (even in safe mode nothing semeed to work). I dont know if what I did work or if If it was just coincidence. But It seems I got rid of it by trying to run Rkill (all 6 different names for it wouldnt launch), then trying to run it in applocale, then the same using malware bytes. If you dont have applocale, again, it may be coincidence.

Your opinion regarding XP Security 2011