Description of XP Security 2011 consequences of its residing on your PC
Windows users have got a new group of counterfeits targeting computers on version specific basis. Remove XP Security 2011 (XPSecurity 2011) as the adware that belongs to the group of clones targeting Windows XP (even if found on other Windows versions). This infection substitutes program of almost the same name, XP Security 2010. However, there are also certain changes in its appearance, as well as extended number of tricks are applied to drop the rogue. Hence the conclusion is that both programs, being very similar, are different enough to be considered as different programs, though their names and program codes and spreading techniques are very similar. Remover for XPSecurity 2011 is available here.
XP Security 2011 Technical Details
- Full name: XP Security 2011, XPSecurity 2011, XPSecurity2011
- Version: 2011
- Type: Rogue anti-spyware
- Origin: Russian federation
Signs of being infected with XP Security 2011:
If your Windows has downloaded updates for its security without your agreement, and the update is XPSecurity 2011, that is a sure sign of infection. Get rid of XP Security 2011 at the earliest opportunity as the pretended update displays the following behaviors.
– it prevents executables from launching. Fortunately, it does not block every attempt and therefore you can use Antimalware solution to dispose of the rogue.
– it registers legitimate files with its virus summary list indicating the path. This lures user into corrupting legit entries with their own hands.
– the adware also tries to block removal-tool.com and other reliable websites providing relevant removal tips for users interested in deleting the counterfeit. How to end the adware processes is explained in the section below that provides manual instruction. This also unblocks web-browser so that you will be able to browse pages of your choice without any restrictions.
You can click here to instantly launch free scan and extermination of detected parasites.
Automatic Removal of XP Security 2011 from your PC:
Remove XP Security 2011 as another name for Windows Update counterfeits. Automated solution will also take due care of excluding the risk of infection re-introduction, as well as of virus, trojans etc. detected by free scanner.
Manual Removal of XP Security 2011:
Regardless of the rogue antispyware you re dealings with, if you are going to perform its manual removal, reboot in Safe Mode to your own benefits before proceeding with its entries deletion.
Termination of malicious process run by the adware is a prerequisite of XP Security 2011 deletion as exe file with active process cannot be deleted due to system restrictions. If the process is idle, you will find no entries bearing the name of exe files specified below in the Task Manger’s Process tab. If any matching found, end the process clicking relevant button.
Remove XP Security 2011 files and dll’s:
%UserProfile%\Local Settings\Application Data\opRSK
%UserProfile%\Local Settings\Application Data\pw.exe
%UserProfile%\Local Settings\Application Data\MSASCui.exe
Unregister XP Security 2011 registry values:
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
HKEY_CLASSES_ROOT\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″