By Jim
Updated on Saturday, March 20th, 2010
XP Antimalware is a fake antivirus tool specifically designed to attack Windows XP users. It has a very professional-looking GUI that could easily pass for a legit, useful program. Alas, it is nothing more than a deceitful malware that will try to entice you into purchasing a so-called “full version”.
Just like practically all fake antimalware programs, XP Antimalware can infect your system through trojans. Where can you find these trojans? In bogus websites, that’s where. I wouldn’t download anything from obscure websites if I were you … especially if the downloadable item comes in the form of a useful file like an mp3, video codec, device driver, or Flash player update.
Online scanners in similarly obscure websites are also possible sources of these dangerous trojans. Once the XP Antimalware gets inside your system, it will waste no time attacking your Windows XP registry. That way, it can gain control of your system immediately after your next boot up.
XP Antimalware is also just one of the many fake anti-malware that rely on ave.exe. We’ve talked about this treacherous little file in a very recent post here on this site. I suggest you have a look at it as well.
Symptoms Of Infection
- Your computer is acting slow. XP Antimalware slow down your system significantly. This includes starting up, shutting down, playing games, and surfing the web.
- You are getting pestered with pop ups. XP Antimalware infects your registry and uses it to launch annoying pop up ads out of nowhere.
- Searches are redirected or your homepage and desktop are settings are changed. This is a symptom of a very serious XP Antimalware infection.
Dangers Of Infection
Viruses like XP Antimalware will infect your registry and other important system files. If the infection is not treated it can cause a complete collapse of your system.
Some XP Antimalware infections contain spyware and keyloggers which can be used to record sensitive data like passwords, credit card, bank account, and social security numbers. The longer you allow the infection to fester, the greater the chance of identity fraud.
How To Remove Infection Manually
Uninstall XP Antimalware Processes
Delete XP Antimalware Files
Remove XP Antimalware Registry Files
HKEY_CURRENT_USER\\Software\\Classes\\secfile\\shell\\open\\command “(Default)” = “%UserProfile%\\Local Settings\\Application Data\\ave.exe” /START “%1? %*
HKEY_CLASSES_ROOT\\.exe\\shell\\open\\command “(Default)” = “%UserProfile%\\Local Settings\\Application Data\\ave.exe” /START “%1? %*
HKEY_CLASSES_ROOT\\secfile\\shell\\open\\command “(Default)” = “%UserProfile%\\Local Settings\\Application Data\\ave.exe” /START “%1? %*
HKEY_LOCAL_MACHINE\\SOFTWARE\\Clients\\StartMenuInternet\\FIREFOX.EXE\\shell\\open\\command “(Default)” = “%UserProfile%\\Local Settings\\Application Data\\ave.exe” /START “C:\\Program Files\\Mozilla Firefox\\firefox.exe”
HKEY_LOCAL_MACHINE\\SOFTWARE\\Clients\\StartMenuInternet\\FIREFOX.EXE\\shell\\safemode\\command “(Default)” = “%UserProfile%\\Local Settings\\Application Data\\ave.exe” /START “C:\\Program Files\\Mozilla Firefox\\firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\\SOFTWARE\\Clients\\StartMenuInternet\\IEXPLORE.EXE\\shell\\open\\command “(Default)” = “%UserProfile%\\Local Settings\\Application Data\\ave.exe” /START “C:\\Program Files\\Internet Explorer\\iexplore.exe”
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center “AntiVirusOverride” = “1?
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center “FirewallOverride” = “1?
Popular Search Terms
Remove XP Antimalware
Delete XP Antimalware
Uninstall XP Antimalware
How to get rid of XP Antimalware
How to remove XP Antimalware
XP Antimalware removal
Remove XPAntimalware
XPAntimalware removal
XP-Antimalware
Warning! If Spyware Doctor is blocked by the virus then run your system in safe mode and try again. To do this reboot your system and tap F8 repeatedly as your computer starts up. Then run Spyware Doctor as normal.
Posted under Fake Antispyware | No Comments
