XP AntiSpyware 2011

To remove XP AntiSpyware 2011 from an infected computer, all you need is a good anti-malware program. Get the free removal tool and follow the guide on this page to take out the rogue program instantly.

XP AntiSpyware 2011 is a misleading security software. A program aims to trick computer users with fake alerts and warning messages. It may get into the system without users knowledge by means of a Trojan. The Trojan is able to evade your antivirus program with its own sophisticated method. Security experts are calling this skill as rootkit technique.

Coming from the same family as Vista AntiSpyware 2011 and Win 7 AntiSpyware 2011, they share the same design. What separates them from one another is their title. These rogue programs will tweak Windows registry to place itself on the start-up items. To gain full control over the system, XP Anti-Spyware 2011 loads its module right after Windows starts. Once loaded, it has the power to block your software, particularly antivirus program.

Remove XP Anti-Spyware 2011 and if you want to stop any fault from your system. This fake AV software is the culprit for system’s misbehavior. The main objective of rogue software is to provide false data regarding computer’s security status. It will try to force users into obtaining the full version of the program. Showing misleading alerts and fabricated scan results is one tactic it will use to deceive victims. The only way to get rid of XP Anti-Spyware 2011 from the PC is to scan it with real security program. It is best to use anti-malware software as stated below.

Screenshot Image:

Technical Details and Additional Information:

Alias: Vista Antispyware 2011, Win 7 Antispyware 2011

Damage Level: Medium

Systems Affected: Windows XP

Malware Behavior
While XP AntiSpyware 2011 is present on the computer, it will produce too much fake security warnings. This is its own method of pushing user to purchase the licensed version of the software. Some of the fake messages may have these contents:

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

Moreover, system tray firewall alert is also used to mislead victims into thinking that PC is under virus attack. It states that Internet browser program is infected with a Trojan. It requires immediate activation of XP AntiSpyware 2011.

Fake warning

How to Remove XP AntiSpyware 2011

Manual Removal Procedure

1. Press Ctrl+Alt+Del on keyboard to stop the process associated to "XP Anti-Spyware 2011". When Windows Task Manager opens, go to Processes tab. Find and end this process.
(random characters).exe

2. You need to update your installed antivirus software. Please connect to the Internet and download the most recent database. This is a one-click process from your AV program’s console.

3. Thoroughly scan the computer and remove any threats found by your antivirus program. If delete option is not available, your best next choice is to quarantine the infected file. There is also a need to manually locate and delete malicious files. Please see the file section for items that are relevant to XP Anti-Spyware 2011.

4. Next, you need to remove registry entries created by XP Anti-Spyware 2011. Please refer to registry section to view entries related to the rogue program.
- (Windows 2000/XP) Go to Start > Run, type "regedit" on dialog box then press Enter on keyboard.
- (Windows Vista/7) Go to Start > Search Program and Files, type "regedit" and press Enter.

5. Exit registry editor when you are done.

6. Get rid of XP Anti-Spyware 2011 start-up entry by going to Start > Run, type msconfig on the "Open" dialog box. It will launch a new window containing System Configuration Utility. Click on the Startup tab and uncheck the following item.
(random characters).exe

7. Click Apply. You need to restart the computer.

XP Anti-Spyware 2011 Removal Tool

In order to remove the threat completely, you need to download and run Malwarebytes Anti-Malware. This is a free malware removal tool. If Trojan infection blocks the downloading of this program, get it using a clean computer. Rename the executable file before executing on the infected PC.

Using AntiSpyware:
To thoroughly remove the virus, it is best to do a separate scan of another security program so that other infected files not detected by anti-virus application can be remove as well. Download and run AntiSpyware Portable Scanner from this link.

Alternative Removal Method for XP AntiSpyware 2011

Option 1 : Use Windows System Restore to return Windows to previous state

If XP AntiSpyware 2011 enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before XP AntiSpyware 2011 infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.

Option 2 : XP AntiSpyware 2011 manual uninstall guide

IMPORTANT! Manual removal of XP AntiSpyware 2011 requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to XP AntiSpyware 2011.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for XP AntiSpyware 2011 files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by XP AntiSpyware 2011.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Associated Files and Folders:Added Registry Entries:

7 Responses

  1. Mark says:

    I think the virus may be disabled, but my apps will not run. Like cmd.exe

  2. Mike says:

    Mark, there is a registry fix for that on bleepingcomputer . com


    Scan down the page for FixNCR.reg download it to another computer if you have to and run it on the infected computer. It will solve the problem. I had the same problem last month.

  3. Troy says:

    I paid for the software how do I go about getting a refund I had a professional fix it.

  4. Ryan B says:

    I too have Windows XP and got the XP Anti Spyware Virus. This is what worked for me:

    I used a free program called Super Anti Spyware. I have used it previously, and it effectively removed the Windows Repair virus when Malwarebytes could not. It’s totally free and it continues to rock my socks off! Go to “http://www.superantispyware.com/” and download the free edition and then transfer it to your infected computer using a cd or usb drive.

    Also, in order to fix the EXE problem where programs won’t load because of a broken file association, I visited “http :// www . pcreview.co.uk/forums/exe-files-wont-open-t532346.html” and followed Venkatesh’s link “http :// www . dougknox.com/xp/fileassoc/xp_exe_fix.zip”. Inside the zip folder, I found a reg file, which I transferred via usb/ cd, then simply double clicked, and pressed “okay”.

    Abracadabra, my computer was fixed! Hope this works for you too!

    PS. I was able to open Superantispyware and after a couple of scans and quarantines remove the virus completely. Then I used the reg file. If doing them in this order does not work, you might try the reverse (Use reg file first, then wipe out the virus with SuperAntiSpyware).

    PS.S. Make sure to update SuperAntiSpyware, if possible, before scanning. And continue to scan until nothing else needs to be removed.

  5. Scott says:

    Ryan B,

    Thanks, I downloaded that zip file and I think I got the malware off my computer.

    Thanks again bro!

  6. Kyle says:

    For good measure, right now am running SuperAntiSpyware free, Malwarebytes, and Microsoft Security Essentials, all at once. Although Malwarebytes is very good software, SAS has already found 489 adware threats in my files that the other two overlooked. Very surprised! Remains to be see what will happen when they all finish scanning, and hopefully SAS will allow me to remove the bad stuff when all is said and done. Before I download anything to my PC (and I mean ANYTHING), I thoroughly peruse all the reviews from all the safe sites, and then proceed accordingly. So far so good. When the XP Recovery rogue spyware infected my PC last week out of the blue, MES failed to stop it the first time around. Disappointing…afterwards, however, it quarantined three Trojans that were introduced by XP Recovery. Can’t understand why it didn’t stop it the first time around. Why is XP Recovery legal? Whoever manufactured that program should be penalyzed, then fined, and then thrown in jail. It is miserable! Anyway, I best wishes to anyone struggling with XPR, you have my full sympathy. Take care.

  7. Mark Sara says:

    I really like this web, I learned a lot, thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *