XP Security Tool 2011 is a new version of another “famous” rogue anti-spyware XP Security Tool 2010. Just like earlier released program, this one is not much different because it also tries to cheat unaware PC users by reporting made-up computer parasites and then pushing them to install paid commercial version by promising that it will remove everything. However, all this is done to swindle the money because XP Security Tool 2011 is useless and has no capabilities to find or remove any kind of virus. Besides, the ones that are usually detected by this scam are nothing but harmless system files.
It’s a pretty common thing for rogue anti-spywares like XP Security Tool 2011 to use security vulnerabilities in order to get inside the system. All this is done without user’s permission through Trojans viruses and that’s exactly how XP Security Tool 2011 tends to infiltrate one’s computer. Another way of its intrusion is trough fake virus scanner domains – after it offers to run unpaid system scan, computers browser gets hijacked by associated Trojans that later will download XP Security Tool 2011.
No matter how you catch XP Security Tool 2011, when inside a PC and running, it will configure your system to show numerous popup ads that tell about “dangerous” infections detected. Additionally, malware will run its fake system scanners each time you reboot your PC to make you sure that computer is under the great trouble.
However, both pop up ads and scanners tend to report invented viruses what means that you have nothing to worry about. The only thing which should make you concerned is XP Security Tool 2011 which may let the scammers reach your personal information if left inside it. So, undoubtedly you should remove XP Security Tool 2011 as quickly as possible. Besides, XP Security Tool 2011 may disable you from the Internet, so if you find yourself in such situation, follow this guide:
XP Security Tool 2011 removal guide:
To remove XP Security Tool 2011 you will need to download and burn into cd several programs on clean PC or Alternate OS scaner. Here instructions:
a) Burn these programs to CD or write them to USB disk (you can use an MP3 player):
- Spyware Doctor ( https://www.2-viruses.com/spdoc.exe )
- Registry fix : https://www.2-viruses.com/wp-content/uploads/exeregfix.reg to restore normal execution of registry
- You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.
b) Boot normally. Wait for XP Security Tool 2011 to launch, and run exeregfix.reg . This should allow launching legitimate programs
c) Delete or remove the files that are mentioned in our files box. You can use spyhunter to identify the infected files and additional infections. Do not forget update it before scanning. Remove what it finds.
d) Scan with spyhunter and secondary tools and reboot your PC. This should fully get rid of XP Security Tool 2011.
In some cases virus mutates and you cannot perform some part of these instructions. In such cases we recommend trying scans from within safe mode, or doing Alternate OS scans by tools from one of antivirus program makers, for example this : http://pctools.com/aoss
UPDATE!!!! According to one of malware researchers, S!Ri, you can disable programs hailing from this huge family of malwares by entering this serial code: 1145-17884799-7733 . After some our research, it seems like this key and order number 21197673 should also work for other versions of malwares that change their names according to OS. However, these numbers are expected to change in the near future. After typing them, you should become able to use your anti-spyware, if it fails follow the guide written below.
Automatic Malware removal tools
(Win)
Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,
(Mac)
Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,
I recently had a user logged on WITHOUT administrative (but with poweruser) privileges get infected. The malware only affected his logon profile and other users were able to log in using their profiles without experiencing the problem. When logged on remotely as administrator, I ran Malwarebytes, SpybotS&D, Spyware Hunter, NOD-32 and a couple of others with no problems and none of them found System Tool 2011, which indicates System Tool 2011 did not get into the registry.
But when I logged on as the user with the infected profile, none of the programs would run and I couldn’t find the source of the infection. Any suggestions? I took the computer offline and won’t be able to get to it physically for a couple of days.
kearney bothwell: First, did you do FULL scan with all these tools?
Second when you log in with different user, PC loads only global registry and belonging to particular user. Other user specific registry is not checked. Additionally, if you scanned and the files haven’t been detected, then they weren’t cleaned.
So, I am certain that other user accounts are still infected or the registry is heavily messed up.
I have seen an influx of XP users get this in the last 2 weeks. First a family friend had the pop up, clicked on it and got infected.
Next the pop up appeared on my old desktop, rather than click on any button (click on no thanks and I believe it will install) I reset PC, it seemed to stop it taking hold, whilst I ran my anti spyware.
Next my inlaws got it. By downloadind spybot s&d on a usb stick on my laptop, then installing it onto the stick on infected PC it was removed, but before that it was blocking any activity, no web pages or security software would run.
This site was a help in ridding it. Make sure you have some anti spyware software installed, not just antivirus, and keeping a version installed on an external device may be a good idea if you don’t have a second pc.