XP Antivirus 2013

XP Antivirus 2013 Description

XP Antivirus 2013 Screenshot 1Rather than waiting for the New Year’s arrival, the criminals who are behind new variants of FakeRean scamware have released their new ‘products early,’ with XP Antivirus 2013 as just one of many examples of fraudulent security software. As a rogue anti-malware program, XP Antivirus 2013 is excellent at displaying realistic-looking and dangerous-sounding malware alerts, but SpywareRemove.com malware researchers have long since confirmed that XP Antivirus 2013 can’t detect or delete real PC threats. Because XP Antivirus 2013 and other members of its family may also be used to attack legitimate security features of Windows, XP Antivirus 2013 should be considered a high-level threat, and deleting XP Antivirus 2013 with an anti-malware program is advisable as soon as you get an opportunity.

XP Antivirus 2013: the Risk That Keeps on Giving in So Many Ways

Contrary to its looks, XP Antivirus 2013 can’t detect malicious software, nor can XP Antivirus 2013 delete malware that’s infecting your computer. However, simulated scans and pop-ups by XP Antivirus 2013 attempt to show otherwise, with a colorful assortment of fake alerts and infection warnings that fake the identification of spyware and other high-level PC threats.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

SpywareRemove.com malware experts encourage total disregard to XP Antivirus 2013’s histrionic fake alerts, which can cause you to damage your PC if you follow their advice. Likewise, purchasing XP Antivirus 2013 should never be considered a viable solution to any computers problems.

While XP Antivirus 2013 and other members of the FakeXPA family of fake anti-malware scanners are best known for their misleading security information, XP Antivirus 2013 may also indulge in other attacks. SpywareRemove.com malware experts have noted some of the most dangerous below:
  • XP Antivirus 2013 may disable basic Windows features such as its automatic update, firewall or Security Center.
  • XP Antivirus 2013 may block websites from your browser; these blocks can be accompanied by fake ‘dangerous website’ warnings.
  • Unrelated programs that aren’t disabled via the Registry may be blocked by XP Antivirus 2013 through separate means. Like the aforementioned browser attacks, SpywareRemove.com malware researchers note that, in this case, XP Antivirus 2013 will try to imply that the target is infected, damaged or otherwise dangerous – thus justifying why XP Antivirus 2013 is blocking it.

Staying a Leap Ahead of Next Year’s Digital Con Game

As much as XP Antivirus 2013 looks like an anti-malware product, XP Antivirus 2013 doesn’t have any legitimate features for your benefit and its requests for purchase should always be ignored. If possible, launching anti-malware software that can delete XP Antivirus 2013 should be a simple solution to any XP Antivirus 2013 infection. If XP Antivirus 2013 blocks the software that could remove it, disabling XP Antivirus 2013 (by Safe Mode or other means) can be considered as a preliminary step.

XP Antivirus 2013’s family, FakeRean, includes many members, although some are more distinctly-related to XP Antivirus 2013 than others. Close relatives of XP Antivirus 2013 that SpywareRemove.com malware analysts have found to be active as of the time of this writing include Nortel Antivirus, Personal Security, MaCatte Antivirus 2009, E-Set Antivirus 2011, Earth Antivirus, Antivir, XP Antivirus 2010, XP Antivirus 2012, Anti-Virus Professional, Alpha Antivirus, Cyber Security, AntivirusBEST, AVG Antivirus 2011, Antivirus 7, Ghost Antivirus, Antivirus 360, Antivirus 8, Personal Security Pro, Eco Antivirus, Antivirus GT, Antivirus 2010 and Antivirus 2009.

Infections by XP Antivirus 2013 can be precipitated by Trojan downloaders from a range of different families as well as by drive-by-download exploits that are associated with commercially-distributed exploit kits (Blackhole Exploit Kit, etc).

XP Antivirus 2013 Automatic Detection Tool (Recommended)

Is your PC infected with XP Antivirus 2013? To safely & quickly detect XP Antivirus 2013 we highly recommend you run the malware scanner listed below.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name
    1 %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe
    2 %CommonAppData%\[RANDOM CHARACTERS].exe
    3 %LocalAppData%\[RANDOM CHARACTERS].exe
    4 %Temp%\[RANDOM CHARACTERS].exe

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\{Value}HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""HKEY..\..\..\..{Subkeys}HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"

Additional Information

  • The following messages's were detected:
    # Message
    1Malware intrusion!
    Sensitive areas of your system ware found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
    2Privacy alert!
    Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.
    3Security Breach!
    Beware! Spyware infection was found. Your system security is at risk. Private information may get stolen, and your PC activity may get monitored. Click for and anti-spyware scan.
    4System danger!
    Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.
    5Virus infection!
    System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.
Posted: October 1, 2012 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (10 votes, average: 3.70 out of 5)
Loading ... Loading ...
Threat Metric
Threat Level: 10/10
Detection Count: 37


Leave a Reply

What is 10 + 14 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)