XP AntiMalware 2011 (sometimes XP antiMalware) is windows XP specific version of fake antivirus that changes names from AntiMalware to AntiSpyware, Security, Guard or Internet Security. This antivirus is distributed by using fake Microsoft Security Update which “upgrades” the security software on XP, but in fact takes over control of PC.
After installation, each program you launch result in launching a file pw.exe – a fake XP antimalware 2011 scanner. It will state that that file is infected and suggests running a system scan. System scan will detect more “infections” and try to convince you into paying for full version of this malware. I strongly recommend not paying for this XP Antimalware. You should contact your bank if you did and change your credit card.
Single files you can launch are internet explorer and firefox browsers. These files are not stopped on startup, but all transfers and browsing is controlled by XP antimalware program. This means that if you visit antivirus sites (and some other random sites), this fake antivirus will show warning about infections and stop from browsing further.
All the time you are bombarded by various system alerts that try to convince you that you are attacked by malware or hackers. These alerts look like this:
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
You can ignore these warnings, as there are no additional attacks except XP Antimalware itself. This fake antivirus should be removed as soon as possible from the PC
How to remove XP Antimalware 2011
Research Siri posted that XP Antimalware 2011 and related parasites can be removed using key 1145-17884799-7733. This key might work for all parasites of this family. You might need to enter order number, though: 21197673, and do not forget to scan with spyhunter. This keys are only for rogue itself, and not for trojans responsible for infection.
To remove XP Antimalware 2011 you will need another PC, as removing it from safe mode with networking will not work in most of the cases.
a) Burn these programs to CD or write them to USB disk. You can use your MP3 player, or smartphone if it has storage functions. This parasite does not spread through USB at the moment:
- Spyware Doctor ( https://www.2-viruses.com/spdoc.exe )
- Registry fix : https://www.2-viruses.com/wp-content/uploads/exeregfix.reg to restore normal execution of registry
- You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.
b). Boot normally. wait for XP AntiMalware 2011 to launch, and run exeregfix.reg . This should allow launching legitimate programs
c) Delete or remove the files that are mentioned in our files box. You can use spyhunter to identify the infected files and additional infections. Do not forget update it before scanning. Remove what it finds.
d) Scan with spyhunter and secondary tools and reboot your PC. This should fully get rid of XP Antimalware 2011.
In some cases virus mutates and you can not perform some part of these instructions. In such cases we recommend trying scans from within safe mode, or doing Alternate OS scans by tools from one of antivirus program makers, for example this : http://pctools.com/aoss
I strongly recommend installing legitimate internet security suites and/or purchasing full versions of spyhunter or malwarebytes anti-malware or other good antimalware tools to warn and prevent such infections in the future.
Automatic Malware removal tools