XP Home Security 2013

Posted: October 2, 2012

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	3,587
Threat Level:	1/10
Infected PCs:	7,675

First Seen:	October 2, 2012
Last Seen:	October 16, 2023
OS(es) Affected:	Windows

XP Home Security 2013 is one of the newest editions of FakeRean, a collection of fake anti-malware scanners that block the majority of programs on your PC and display inaccurate malware alerts. XP Home Security 2013 can't detect actual infections but displays fake system scans and pop-up warnings to make it appear as though XP Home Security 2013 can. SpywareRemove.com malware researchers recommend that you disable XP Home Security 2013's startup exploit through methods described in this article and then delete XP Home Security 2013 with any quality anti-malware program, since XP Home Security 2013 is a definitive security risk and doesn't have any positive functions.

How XP Home Security 2013's Idea of Safety Keeps Your Digital Home in Unrest

XP Home Security 2013 uses the skin of an anti-malware program, but this interface, which is common to members of the FakeRean family, is a simple distraction from XP Home Security 2013's actual functions. 'Proactive defense,' firewall configuration and other security-related features are faked, with XP Home Security 2013 using pop-up alerts and the results of its imitative scans to indicate that a virtual army of malware is invading your PC. Given the variety of different pop-ups that XP Home Security 2013 may use for this purpose, SpywareRemove.com malware experts recommend relying only on trusted anti-malware software to detect threats on your PC while you're dealing with a XP Home Security 2013 infection or related PC threats from the FakeRean family such as Antivirus 2008 Pro, Antivirus XP 2008, Windows Antivirus 2008, Vista Antivirus 2008, PC Clean Pro, Antivirus Pro 2009, Rogue.Vista Antivirus 2008, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, XP Security 2012, XP Home Security 2012 and AntiVirus PRO 2015.

XP Home Security 2013 may also be involved in more serious attacks against your computer than fake security displays, as SpywareRemove.com malware analysts have noted with the following examples:

XP Home Security 2013 may alter your ability to launch executable (or EXE) program files by forcing them to redirect to itself first. This allows XP Home Security 2013 to block programs arbitrarily, which usually is followed up by a fake infection alert.
XP Home Security 2013 may disable Windows security and maintenance features, including the Windows update management system and built-in security programs (Windows Defender, Security Center and/or Firewall).
Even your browser may not remain unaffected by XP Home Security 2013's hostilities, which can redirect traffic or force your browser to use a malicious proxy. Consequentially, XP Home Security 2013 may block you from various websites with fake 'security threat' warnings that are designed to look like standard error pages.

Resolving a XP Home Security 2013 Dilemma for True Peace at Home

Naturally, XP Home Security 2013 always should be thought of as a danger to your computer, and SpywareRemove.com malware researchers especially advise against following XP Home Security 2013's recommendation of purchasing its full version. However, if desired, you can use freely-distributed registry keys for the FakeRean family as a way to reduce XP Home Security 2013's defenses before removing XP Home Security 2013 entirely.

Given that XP Home Security 2013 has a better than even chance of blocking anti-malware programs that could disinfect your computer, SpywareRemove.com malware experts recommend booting your computer from a USB device-loaded OS as a way to prevent XP Home Security 2013 from launching. Safe Mode may also be used for this purpose, if applicable. Once XP Home Security 2013 is disabled, XP Home Security 2013 can be deleted with appropriate anti-malware software.

XP Home Security 2013 infections can be caused by many methods, since the FakeRean family has been seen using quite a few types of Trojan downloaders, Trojan droppers and even website exploit kits for propagation. When in doubt, you should consider the possibility of other malware on any computer that's infected with XP Home Security 2013 or other members of XP Home Security 2013's family.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%CommonAppData%\[RANDOM CHARACTERS]

File name: %CommonAppData%\[RANDOM CHARACTERS]
Group: Malware file

%LocalAppData%\[RANDOM CHARACTERS]

File name: %LocalAppData%\[RANDOM CHARACTERS]
Group: Malware file

%Temp%\[RANDOM CHARACTERS]

File name: %Temp%\[RANDOM CHARACTERS]
Group: Malware file

%UserProfile%\Templates\[RANDOM CHARACTERS]

File name: %UserProfile%\Templates\[RANDOM CHARACTERS]
Group: Malware file

%UserProfile%\Start Menu\Programs\XP Home Security 2013\XP Home Security 2013.lnk

File name: %UserProfile%\Start Menu\Programs\XP Home Security 2013\XP Home Security 2013.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

%UserProfile%\Start Menu\Programs\XP Home Security 2013\

File name: %UserProfile%\Start Menu\Programs\XP Home Security 2013\
Group: Malware file

%UserProfile%\Desktop\XP Home Security 2013.lnk

File name: %UserProfile%\Desktop\XP Home Security 2013.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

%UserProfile%\Start Menu\Programs\XP Home Security 2013\Uninstall XP Home Security 2013.lnk

File name: %UserProfile%\Start Menu\Programs\XP Home Security 2013\Uninstall XP Home Security 2013.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\DefaultIcon\ %1HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exe\Content Type application/x-msdownloadHKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM CHARACTERS]HKEY_CURRENT_USER\Software\Classes\.exeHKEY_CURRENT_USER\Software\Classes\.exe\shellHKEY_CURRENT_USER\Software\Classes\.exe\DefaultIconHKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon\ %1HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\ "[RANDOM CHARACTERS].exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\IsolatedCommand "%1" %*HKEY_CURRENT_USER\Software\Classes\.exe\shell\openHKEY_CURRENT_USER\Software\Classes\.exe\shell\open\commandHKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\ "%1" %*HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\IsolatedCommand "%1" %*HKEY_CURRENT_USER\Software\Classes\.exe\shell\runasHKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\commandHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\Content Type application/x-msdownloadHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\ ApplicationHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\DefaultIconHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\open\commandHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shellHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\openHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\runasHKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\open\command\ "[RANDOM CHARACTERS].exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\open\command\IsolatedCommand "%1" %*HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\runas\command\ "%1" %*HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\runas\command\IsolatedCommand "%1" %*HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\runas\command

Additional Information

The following messages's were detected:

#	Message
1	Privacy alert! Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.
2	Privacy threat! Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
3	Severe system damage! Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.
4	System danger! Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.
5	System hijack! System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
6	Threat detected! Security alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and system damage may be severe. Recover your PC from the infection right now, perform a security scan.
7	Virus infection! System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.