XP Security 2013 is one more fake program that wants to get your money for its malicious product. It is the virus like Win 7 Security 2013. It has the same methods of work inside your system. When the rogue gets into your machine it blocks everything. You will be suggested to pay certain sum of money if you want your system to be unblocked.
The reason of such actions is simple. Your system was noticed visiting the sites with adult content or somthing like that. It is not very important because all this is not true. XP Security 2013 virus wants you to believe that it is a real official program. But it is not so. You do not have to pay money for this. There is another way to get rid of XP Security 2013 rogue here below.
Similar video removal guide:
Removal guide of XP Security 2013 virus:
STEP 1.
Run GridinSoft Trojan Killer:
Click Win+R and type the direct link for the program’s downloading.
If it does not work, download GridinSoft Trojan Killer from another uninfected machine and transfer it with the help of a memory stick.
STEP 2.
Install GridinSoft Trojan Killer.
Right click – Run as administrator.
IMPORTANT!
Don’t uncheck the Start Trojan Killer checkbox at the end of installation!
Manual removal guide of XP Security 2013 virus:
Delete XP Security 2013 files:
- %LocalAppData%\[rnd_2]
- %Temp%\[rnd_2]
- UserProfile%\Templates\[rnd_2]
- %CommonApplData%\[rnd_2]
Delete XP Security 2013 registry entries:
- HKEY_CURRENT_USER\Software\Classes\.exe
- HKEY_CURRENT_USER\Software\Classes\.exe\ [rnd_0]
- HKEY_CURRENT_USER\Software\Classes\.exe\Content Type application/x-msdownload
- HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
- HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon\ %1
- HKEY_CURRENT_USER\Software\Classes\.exe\shell
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\IsolatedCommand “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\ “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\IsolatedCommand “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\ Application
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\Content Type application/x-msdownload
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon\ %1
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\IsolatedCommand “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\ “%1″ %*
- HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\IsolatedCommand “%1″ %*
No comments:
Post a Comment