By Jim
Updated on Wednesday, March 24th, 2010
If you haven’t realized it yet, that new anti-spyware program on your computer named XP Security Tool isn’t actually a security tool. It will redirect your browsing to sites that can infect you with more malware. It pesters you to update to a newer version for a fee. It also eats up system resources and sits on your memory, waiting for a chance to grab sensitive data.
Don’t even think of upgrading this software since it’s all a scam to get your money and financial information. It’s best your remove this software immediately before it runs amok in your computer trashing files, editing registry entries and disabling security software. Don’t get lax, you must erase this completely from your system before it deletes important files or worse, crashes your computer completely.
This is one of the nastiest malware out there since it doesn’t show up in virus scans on antimalware apps, disables other security features of your computer and can likely rebuild itself even if you remove it manually. Before you go ahead and reinstall Windows or ship off your computer to a shop, take a look below on how you can remove this malicious software and clean up your computer.
Symptoms Of Infection
- Your computer is acting slow. XP Security Tool slows down your system significantly. This includes starting up, shutting down, playing games, and surfing the web.
- You are getting pestered with pop ups. XP Security Tool infects your registry and uses it to launch annoying pop up ads out of nowhere.
- Searches are redirected or your homepage and desktop are settings are changed. This is a symptom of a very serious XP Security Tool infection.
Dangers Of Infection
Viruses like XP Security Tool will infect your registry and other important system files. If the infection is not treated it can cause a complete collapse of your system.
Some XP Security Tool infections contain spyware and keyloggers which can be used to record sensitive data like passwords, credit card, bank account, and social security numbers. The longer you allow the infection to fester, the greater the chance of identity fraud.
How To Remove Infection Manually
Uninstall XP Security Tool Processes
Delete XP Security Tool Files
Remove XP Security Tool Registry Files
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1? %*
HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1? %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1?
Popular Search Terms
Remove XP Security Tool
Delete XP Security Tool
Uninstall XP Security Tool
How to get rid of XP Security Tool
How to remove XP Security Tool
XP Security Tool removal
Remove XPSecurityTool
XPSecurityTool removal
XP-Security-Tool
Warning! If Spyware Doctor is blocked by the virus then run your system in safe mode and try again. To do this reboot your system and tap F8 repeatedly as your computer starts up. Then run Spyware Doctor as normal. If this doesn’t work try renaming the Spyware Doctor EXE file.
Posted under Fake Antispyware | No Comments
