How to Remove ‘XP Antivirus 2012’ Malware

XP Antivirus is a fake antivirus software which infects your system. It shows fake warnings about your system security level being low. If you scan your system using it, it will show you false reports of viruses found on your computer. This is just another malicious program which intends to fooling you into paying for bogus antivirus. It infects your computer in such a way, that whenever you run a program, XP Antivirus 2012 pops up and starts showing various fake warnings. You can remove ‘XP Antivirus 2012’ from your system using the following instructions :

Remove XP Antivirus 2012

  1. Restart your computer in the Safe Mode with Networking. To do so, power on your computer and keep hitting F8 key until you see the Windows Advanced Options Menu. Use the up-down arrows keys on your keyboard to highlight Safe Mode with Networking and press Enter.

    Remove XP Antivirus 2012

    If your computer can only boot in the Normal mode and not in the Safe mode, then download winsafeboot.zip. Extract the contents to a folder and run the REG file corresponding to your Windows version. Click Yes when asked and restart your computer.

  2. After booting into the Safe Mode with Networking, follow the instructions on this page to restore EXE associations in Windows. Typically, you would download restore_exe_association.com and run it.
  3. Now open your browser from the desktop shortcut, do not open it from the Start Menu. Then download Malwarebyte’s Anti-Malware from mbam-setup.exe. Double-click on mbam-setup.exe to run the setup and install Malwarebytes’ Anti-Malware (MBAM) on your computer. Choose to update and launch when asked. The update would take some time in downloading the latest malware database from the MBAM servers.

    Malwarebytes' Anti-Malware

  4. After the update is complete, the main window of the MBAM would open. Choose Perform quick scan and click on the Scan button as shown.

    Remove XP Antivirus 2012

  5. The scan would run for some time. After the scan is complete you would see the ‘XP Antivirus 2012’ infected items in the detected malware list. MBAM detects it as Trojan.ExeShell.Gen. The entries would be pre-selected for removal. Click on the Remove Selected to start the removal process.

    Remove XP Antivirus 2012

  6. You would be asked to restart your computer for complete removal. Click on the Yes button to restart your computer.

    Remove XP Antivirus 2012

    This time start the computer in the Normal mode (just do not hit any F8 key). Upon restart the ‘XP Antivirus 2012′ malware should be gone. You should also perform a complete scan using the Malwarebytes’ Anti-Malware and ESET Online Scanner to get rid of any other malware possibly infesting your computer.