Home Malware Programs Rogue Anti-Virus Programs XP Antivirus 2013

XP Antivirus 2013

Posted: October 1, 2012

Threat Metric

Ranking: 13,145
Threat Level: 5/10
Infected PCs: 5
First Seen: October 1, 2012
Last Seen: December 10, 2021
OS(es) Affected: Windows

XP Antivirus 2013 Screenshot 1Rather than waiting for the New Year’s arrival, the criminals who are behind new variants of FakeRean scamware have released their new 'products early,' with XP Antivirus 2013 as just one of many examples of fraudulent security software. As a rogue anti-malware program, XP Antivirus 2013 is excellent at displaying realistic-looking and dangerous-sounding malware alerts, but SpywareRemove.com malware researchers have long since confirmed that XP Antivirus 2013 can't detect or delete real PC threats. Because XP Antivirus 2013 and other members of its family may also be used to attack legitimate security features of Windows, XP Antivirus 2013 should be considered a high-level threat, and deleting XP Antivirus 2013 with an anti-malware program is advisable as soon as you get an opportunity.

XP Antivirus 2013: the Risk That Keeps on Giving in So Many Ways

Contrary to its looks, XP Antivirus 2013 can't detect malicious software, nor can XP Antivirus 2013 delete malware that's infecting your computer. However, simulated scans and pop-ups by XP Antivirus 2013 attempt to show otherwise, with a colorful assortment of fake alerts and infection warnings that fake the identification of spyware and other high-level PC threats. SpywareRemove.com malware experts encourage total disregard to XP Antivirus 2013's histrionic fake alerts, which can cause you to damage your PC if you follow their advice. Likewise, purchasing XP Antivirus 2013 should never be considered a viable solution to any computers problems.

While XP Antivirus 2013 and other members of the FakeXPA family of fake anti-malware scanners are best known for their misleading security information, XP Antivirus 2013 may also indulge in other attacks. SpywareRemove.com malware experts have noted some of the most dangerous below:

  • XP Antivirus 2013 may disable basic Windows features such as its automatic update, firewall or Security Center.
  • XP Antivirus 2013 may block websites from your browser; these blocks can be accompanied by fake 'dangerous website' warnings.
  • Unrelated programs that aren't disabled via the Registry may be blocked by XP Antivirus 2013 through separate means. Like the aforementioned browser attacks, SpywareRemove.com malware researchers note that, in this case, XP Antivirus 2013 will try to imply that the target is infected, damaged or otherwise dangerous – thus justifying why XP Antivirus 2013 is blocking it.

Staying a Leap Ahead of Next Year's Digital Con Game

As much as XP Antivirus 2013 looks like an anti-malware product, XP Antivirus 2013 doesn't have any legitimate features for your benefit and its requests for purchase should always be ignored. If possible, launching anti-malware software that can delete XP Antivirus 2013 should be a simple solution to any XP Antivirus 2013 infection. If XP Antivirus 2013 blocks the software that could remove it, disabling XP Antivirus 2013 (by Safe Mode or other means) can be considered as a preliminary step.

XP Antivirus 2013's family, FakeRean, includes many members, although some are more distinctly-related to XP Antivirus 2013 than others. Close relatives of XP Antivirus 2013 that SpywareRemove.com malware analysts have found to be active as of the time of this writing include Antivirus 2010, Antivirus 360, AntivirusBEST, Nortel Antivirus, Alpha Antivirus, Cyber Security, MaCatte Antivirus 2009, Eco Antivirus, Antivir, Personal Security, Ghost Antivirus, Antivirus 7, Antivirus GT, Earth Antivirus, Antivirus 8, AntivirusProfessional, AVG Antivirus 2011, E-Set Antivirus 2011 and XP Antivirus 2010.

Infections by XP Antivirus 2013 can be precipitated by Trojan downloaders from a range of different families as well as by drive-by-download exploits that are associated with commercially-distributed exploit kits (Blackhole Exploit Kit, etc).

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to XP Antivirus 2013 may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe File name: %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS].exe File name: %CommonAppData%\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%LocalAppData%\[RANDOM CHARACTERS].exe File name: %LocalAppData%\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Temp%\[RANDOM CHARACTERS].exe File name: %Temp%\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""HKEY..\..\..\..{Subkeys}HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"

Additional Information

The following messages's were detected:
# Message
1Malware intrusion!
Sensitive areas of your system ware found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
2Privacy alert!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.
3Security Breach!
Beware! Spyware infection was found. Your system security is at risk. Private information may get stolen, and your PC activity may get monitored. Click for and anti-spyware scan.
4System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.
5Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.