XP Internet Security 2013. Removal video

XP Internet Security 2013 is yet another scam that actively bombards various computers in the online world today. It is worth mentioning that this fake antispyware program belongs to the Braviax malware group, thus it acts typically like all other similar Multirogue 2013 programs previously described by us in many posts. Luckily, we’ve been able to trace this XP Internet Security 2013 scam on our test machines and to analyze its behavior. Just as we expected, this hoax presents the bunch of faulty security alerts, warnings, popups and notifications. It is not a surprise that users who don’t realize this program is a fake AV tool would be quite scared with the bunch of deceitful statements reported by this badware.

XP Internet Security 2013, of course, acts like all other rogues of the same malicious clan. It enters your PC without your consent or approval. The very installation process of this malware is hidden from your attention. Hence, you cannot actually terminate the installation process of this badware ahead of time. This scam will keep annoying you with repeated faulty scans that it originates each time you turn your computer on. These fake scans are finalized with the bogus reports about various malwares detected on your system. Of course, this information can’t be of truth. Furthermore, the hoax plans to convince you to buy its fake license, which is not really able to remove real security threats when they do attack your system.

For your convenience and better understanding we’ve decided to create the video guide on removal of XP Internet Security 2013 scam from your system with the help of GridinSoft Trojan Killer. We’ve placed this video guide at YouTube. Enjoy, and may your system be virus-free!

XP Internet Security 2013 removal video guide:

XP Internet Security 2013 step-by-step removal instructions from GridinSoft Trojan Killer anti-virus Lab

Step 1.

Run GridinSoft Trojan Killer. Click Win+R and type the direct link for the program’s downloading.

If it does not work, download GridinSoft Trojan Killer from another uninfected machine and transfer it with the help of a flash drive.

Step 2.

Install GridinSoft Trojan Killer. Right click – Run as administrator.

Run as administrator

IMPORTANT!

Don’t uncheck the Start Trojan Killer checkbox at the end of installation!

Checkbox

Manual removal guide XP Internet Security 2013 virus:

Delete XP Internet Security 2013 files:

  • %LocalAppData%\[rnd_2]
  • %Temp%\[rnd_2]
  • %UserProfile%\Templates\[rnd_2]
  • %CommonApplData%\[rnd_2]

Delete XP Internet Security 2013 registry entries:

  • HKEY_CURRENT_USER\Software\Classes\.exe
  • HKEY_CURRENT_USER\Software\Classes\.exe\ [rnd_0]
  • HKEY_CURRENT_USER\Software\Classes\.exe\Content Type application/x-msdownload
  • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
  • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon\ %1
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\IsolatedCommand “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\ “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\IsolatedCommand “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\ Application
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\Content Type application/x-msdownload
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon\ %1
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\IsolatedCommand “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\ “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\IsolatedCommand “%1″ %*

Leave a Comment


*