XP Antivirus Pro 2013 Removal Report

XP Antivirus Pro 2013

By GoldSparrow in Rogue Anti-Virus Program | 142 views

Rate it:

(No Ratings Yet)

Loading ...

[+] Click Image to Enlarge

XP Antivirus Pro 2013 is a fake anti-virus application that is created by cybercrooks to intimidate victims into believing their computers have been contaminated with numerous security infections. XP Antivirus Pro 2013 operates by attempting to convince PC users to purchase the imaginary full version of scamware. The main problem with XP Antivirus Pro 2013 is that its full edition will not protect the computer from real malware threats because, in reality, it does not exist. Although the name and interface of XP Antivirus Pro 2013 may sound and look legal and reliable, XP Antivirus Pro 2013 will not protect the computer from security threats and fix it. XP Antivirus Pro 2013 is distributed via a Trojan that is downloaded from malicious websites. Trojans use security holes and system vulnerabilities to invade the victimized machine. After installation, XP Antivirus Pro 2013 will launch fraudulent system scans and display pop-up warning messages. XP Antivirus Pro 2013 will create false PC scan results to intimidate you into thinking your computer is corrupted by malware infections. To uninstall XP Antivirus Pro 2013 from the compromised PC, ESG’s malware research team advises you to use a genuine malware removal tool that deals with rogue anti-virus programs.

Type: Rogue Anti-Virus Program

How Can You Detect XP Antivirus Pro 2013?

Download SpyHunter’s Detection Scanner
to Detect XP Antivirus Pro 2013.

Can’t install SpyHunter? Click here to view possible causes of installation issues.

XP Antivirus Pro 2013 Technical Report

As new XP Antivirus Pro 2013 details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for XP Antivirus Pro 2013:

The following fake error message(s) appears for XP Antivirus Pro 2013:

XP Antivirus Pro 2013 Firewall Alert
XP Antivirus Pro 2013 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here.

Virus intrusion!
Your computer security is at risk. Spyware, worms and Trojans were detected in the background. Prevent data corruption and credit card information theft. Safeguard your system and perform a free security scan now.

Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.

‘How XP Antivirus Pro 2013 Infects Your Computer’ Video

XP Antivirus Pro 2013 Removal Details

XP Antivirus Pro 2013 creates the following files in the system:

%CommonApplData%\[RANDOM CHARACTERS_2]
%LocalAppData%\[RANDOM CHARACTERS_2]
%Temp%\[RANDOM CHARACTERS_2]
%UserProfile%\Templates\[RANDOM CHARACTERS_2]

XP Antivirus Pro 2013 creates the following registry entries:

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\IsolatedCommand “%1″ %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\Content Type application/x-msdownload
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas\command\ “%1″ %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open\command\ “[RANDOM CHARACTERS_1].exe” -a “%1″ %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon\ %1
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\IsolatedCommand “%1″ %*
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\ “%1″ %*
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\DefaultIcon\ %1
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open\command
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell
HKEY_CURRENT_USER\Software\Classes\.exe\Content Type application/x-msdownload
HKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM CHARACTERS_0]
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\ “[RANDOM CHARACTERS_1].exe” -a “%1″ %*
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0_0]\ Application
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas\command\IsolatedCommand “%1″ %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open\command\IsolatedCommand “%1″ %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas

Important Article Disclaimer

This entry was last updated on 11/6/12 and posted on 11/5/12. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.