XP Anti-virus 2011 is a malicious application. Learn how to remove this virus from your computer with easy to follow procedure on this page.
XP Anti-Virus 2011 or also known as Vista Anti-virus 2011 and Win 7 Anti-virus 2011 is a rogue program that will be installed on multiple operating system. XP Anti-virus 2011 is a variant that will be installed on the system running under Windows XP as detected by the Trojan. It has the capability to gather system’s specifications to match the OS and make itself look like a legitimate application. Regardless of the name, these are all the same program developed to persuade computer users and convince them to buy the licensed version by deceptive means. Either by pop-up alerts or task bar warning messages, XP Anti-virus 2011 will declare that computer is dealing with virus problems and removal must be accomplished using the paid version of XP Anti-virus 2011.
Instead of patronizing this potentially unwanted application, immediately run a full scan of the PC using a legitimate security product. Anti-malware application is known to combat rogue programs like XP Anti-virus 2011. On this page is our suggested removal tool that was tested to remove counterfeit applications. Download, install and update the database before running a full scan on the system. Remove all detected threats and if possible run a scan while the computer is in Safe Mode.
Alias: XP Antivirus 2011, Vista Antivirus 2011, Win 7 Antivirus 2011
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Technical Details and Additional Information:
If XP Anti-Virus 2011 is installed, unnecessary fake alerts are demonstrated as an scare tactics to mislead victims. Some of this will contain these messages:
XP Anti-virus 2011 Firewall Alert
XP Anti-virus 2011 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
How to Remove XP Anti-virus 2011
Systematic procedures to get rid of the threat are presented on this section. Make sure to scan the computer with suggested tools and scanners.
Step 1 : Scan the computer with recommended removal tool
1 First thing you should do is reboot the computer in Safe Mode with Networking to avoid XP Anti-virus 2011 from loading at start-up.
NOTE: You will need to PRINT or BOOKMARK this procedure, as we have to restart the computer during the removal process.
Remove all media such as Memory Card, cd, dvd, and USB devices. Then, restart the computer and please do the following:
Boot in Safe Mode on Windows XP, Windows Vista, and Windows 7 system
a Before Windows begins to load, press F8 on your keyboard.
b It will display the Advanced Boot Options menu. Select Safe Mode.
Start computer in Safe Mode using Windows 8 and Windows 10
a Close any running programs on your computer.
b Get ready to Start Windows. On your keyboard, Press and Hold Shift key and then, click on Restart button.
c It will prompt you with options, please click on Troubleshoot icon.
d Under Troubleshoot window, select Advanced Options.
e On next window, click on Startup Settings icon.
f Lastly, click on Restart button on subsequent window.
g When Windows restarts, present startup options with numbers 1 - 9. Select "Enable Safe Mode with Networking" or number 5.
h Windows will now boot on Safe Mode with Networking. Proceed with virus scan as the next step.
2 Download our malware removal tool and save it on your Desktop or any location on your PC.
3 Click on the button to start downloading our recommended anti-virus tool. Save it to an accessible location inside your hard drive or clean USB drive if you are downloading from a different PC.
4 When finished downloading, locate and double-click the file to install the application. Windows' User Account Control will prompt at this point, please click Yes to continue installing the program.
5 Follow the prompts and install as 'default' only. There are no changes needed during the installation process.
6 Malwarebytes Anti-Malware will launch for the first time. It is necessary to proceed with software update.
7 After downloading updates, please click on Scan Now button.
8 The tool willl run Threat Scan to ensure that it thoroughly check the PC for any presence of XP Anti-virus 2011 and other forms of threats.
9 Once the scan has completed, Malwarebytes Anti-Malware will issue a list of identified threats. Mark all threats and click on Quarantine Selected.
10 If it prompts to restart the computer, please reboot Windows.
Step 2 : Ensure that no more files of XP Anti-virus 2011 are left inside the computer
11 Click on the button below to download Norton Power Eraser from official web site. Save it to your desktop or any location of your choice.
12 After downloading, navigate its location and double-click on the NPE.exe file to launch the program.
13 Norton Power Eraser will run. If it prompts for End User License Agreement, please click on Accept to proceed.
14 On NPE main window, click on Advanced Scans. We will attempt to remove "XP Anti-virus 2011" by thoroughly scanning your current operating system.
15 On next window, click System Scan to perform standard scan on your computer.
16 NPE will proceed with the scan. It will search for Trojans, viruses, and malware like XP Anti-virus 2011. This may take some time, depending on the number of files currently stored on the computer.
17 When scan is complete. All detected risks are listed. Click on Fix Now to remove XP Anti-virus 2011 and other known threats. Then, restart Windows if necessary.
Step 3 : Remove the Rootkit Trojan that installs XP Anti-virus 2011
Rootkit Remover is a stand-alone utility developed by McAfee. It can be used to detect and remove rootkit Trojan that is associated with XP Anti-virus 2011. This tool can detect rootkit that is part of ZeroAccess, Necurs, and TDSS family.
18 Download Rootkit Remover and save it to your desktop or any accessible location. Click the button below to begin the download.
19 Locate the file rootkitremover.exe and double-click to run the program.
20 When User Account Control prompts if you want to allow the program to make changes on the computer, please click Yes.
21 Rootkit Remover instantly scans the computer and look for presence of Trojans, viruses, and rootkit that is related to XP Anti-virus 2011 .
22 Once it finishes scanning the computer, the tool will require you to restart Windows.
Alternative Removal Procedures for XP Anti-virus 2011
Use Windows System Restore to return Windows to previous state
During an infection, XP Anti-virus 2011 drops various files and registry entries. The threat intentionally hides system files by setting options in the registry. With these rigid changes, the best solution is to return Windows to previous working state is through System Restore.
To verify if System Restore is active on your computer, please follow the instructions below to access this feature.
Access System Restore on Windows XP, Windows Vista, and Windows 7
a Go to Start Menu, then under 'Run' or 'Search Program and Files field, type rstrui.
b Then, press Enter on the keyboard to open System Restore Settings.
c Windows will display list of saved restore points. Select the most recent one to restore Windows to previous working and clean state.
d It may take some time to fully restore back-up files. Restart Windows when done.
Open System Restore on Windows 8 and Windows 10
a For Windows 8 user, go to Start Search, while on Windows 10, use the Start Menu Search and type rstrui.
b Click on the located program to open System Restore window.
c Windows will display list of saved restore points if it is active. Select the most recent one to restore Windows to previous working and clean state.
d It may take a while to fully restore back-up files. Restart Windows when done.
If previous restore point is saved, you may proceed with Windows System Restore.
Option 2 : XP Anti-virus 2011 manual uninstall guide
IMPORTANT! Manual removal of XP Anti-virus 2011 requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.
1 Kill any running process that belongs to XP Anti-virus 2011.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for XP Anti-virus 2011 files (refer to Technical Reference) and click End Process.
2 Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section.
- Close registry editor. Changes made will be saved automatically.
3 Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
- Thoroughly scan the computer with your updated antivirus software.
4 Delete all files dropped by XP Anti-virus 2011.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.
File Location for Windows Versions:Added Registry Entries:
- %AllUserProfile% for Vista/7 user is C:\ProgramData while for Windows XP/2000 this is C:\Documents and Settings\All Users\
- %UserProfile% for Vista/7 user is C:\Users\<Current User> for Windows Vista/7, for Windows XP/2000 this is C:\Documents and Settings\<Current User>.
- %AppData% for Vista/7 refers to C:\Users\<Current User>\AppData\Roaming, while for Windows XP/2000 user it is C:\Documents and Settings\<Current User>\Application Data.
- %Temp% refers to C:\Windows\Temp\.
Did XP Anti-virus 2011 blocks your Internet access?
It is usual that rogue program prevents user from downloading removal tools from the Internet. Thus, infected computer may be denied to access the Internet by making changes to computer's proxy, DNS, and Hosts file. To solve Internet connection problem, please see our guide in fixing a virus-blocked Internet access. Also, make sure that your Windows Host File is free from any malicious entries. View steps in cleaning Windows host file.