XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010
XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010 may look like a legit security program created for Windows XP operating system. However, security experts already categorized these programs as rogue. The category includes any computer program that pretends to be useful, where in fact the sole purpose is to mislead users into paying for the full version of the software.
XP Antivirus Pro can trick users in so many ways. One of this is by producing virus scan results that shows manufactured presence of infection. An imaginary threat displayed after the virus scan of XP Antivirus Pro aims on deceiving users. To remind victim about security risks, this virus will constantly display numerous pop-up alerts. This action will lead user into purchasing of the registered version of XP Antivirus Pro.
For a number of occasions while this malware is still inside the computer, XP Antivirus Pro insists to register the product before it can remove any detected threats. In fact, you must eliminate the rogue program first by having a legit and effective solution. Continue browsing to lower part of this page for a recommended removal tool. Follow the procedure to remove XP Antivirus Pro and all of its associated files.
Screen Shot Image:
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Characteristics (Analysis)
XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010 are rogue programs. Unlike Trojans and viruses, rogue anti-virus program will not replicate on itself once loaded inside the PC. These unwanted application typically spreads over the Internet is several methods including fake online virus scanner, bogus multimedia web sites, file-sharing networks, shareware and cracked programs.
When the main executable file is launch, rogue anti-virus instantly alters system settings. Modifications to Internet browser may result to browser redirects that hijack any requested web addresses. Lastly, it will alter registry and create the following entry to run the program when Windows starts.
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1″ %*
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe" HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe" HKLM\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1" HKLM\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1" HKCU\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %* HKCU\Software\Classes\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %* HKCR\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %* HKCR\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %* HKCU\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %* HKCU\Software\Classes\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %* HKCR\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %* HKCR\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %*Associated Files and Folders:
C:\Documents and Settings\All Users\Application Data\[random] %UserProfile%\Local Settings\Application Data\av.exe %UserProfile%\Local Settings\Application Data\ave.exe %UserProfile%\Local Settings\Application Data\[random] %UserProfile%\Local Settings\Application Data\[random] %UserProfile%\Local Settings\Temp\Q[random] %UserProfile%\Templates\[random]
How to Remove XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010
This guide requires a tool called Malwarebytes' Anti-Malware. It is a free tool designed to eradicate various computer infections. MBAM scanner is distributed for free.Boot Windows in Safe Mode With Networking
1. First thing to do is to reboot the computer in Safe Mode with Networking to avoid XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010 from loading at start-up. You may want to print this procedure as we have to restart the computer to complete the removal process.
- Restart the computer.
- Before Windows begins to load, press F8 on your keyboard.
- It will display an Advanced Boot Options menu. Please select Safe Mode with Networking.
- Windows will now start in Safe Mode.
Remove XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010 with MalwareBytes' Anti-Malware
2. Download Malwarebytes’ Anti-Malware (mbam-setup.exe) and save it on your Desktop or any location on your PC.
3. When finish downloading, double-click on the file mbam-setup.exe to install the application.
4. Follow the prompts and install with default configuration.
5. Before the installation completes, check on the following prompts:
- Update Malwarebytes’ Anti-Malware
- Launch Malwarebytes’ Anti-Malware
6. Click Finish. Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
7. When finished updating, Malwarebytes' Anti-Malware will run. Select Perform full scan on main screen to check your computer thoroughly.
8. When scanning is finished click on Show Results.
9. Make sure that all detected threats are checked, click on Remove Selected. This will delete all files and registry entries that belongs to XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010.
10. Restart your computer.
Note: If XP Antivirus Pro, XP AntiMalware 2010, Antispyware XP, XP Defense 2010 and XP Security 2010 prevents mbam-setup.exe from downloading. Download the software from another computer. Renaming it to something like 'anything.exe' can help elude the malware.