XP Security

March 22nd, 2010
Home » Rogue Antispyware » XP Security
Repair and protect your computer easily. Download XP Security removal tool  

XP Security description

XP Security is a malware pretending to be a real protection tool. The truth is that this is all scam. Even if it acts like a real security program, it isn’t so. Malware is also from the same rogue family as XP Security Tool and XP Smart Security 2010 parasites.

It comes a long with a help of trojan which enters your system through its vulnerable spots. Once PC is started malware installs itself automatically and starts to scan computer. After fake scans are finished  you can see your desktop is flooded with all kind of security alerts and threats claiming your computer is infected. This is untrue and do not believe any of the information. It will also offer you to buy XP Security  registered version, but in fact it can’t process any security service. Choose reputable anti-spyware application and terminate malware immediately.

Manual XP Security Removal


XP Security processes:

MSASCui.exe
pw.exe
Help: A Guideline of Killing Malicious Processes


XP Security registry values:

HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CLASSES_ROOT\pezfile
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
Help: How to edit windows registry entries


Other malicious XP Security files:

%UserProfile%\Local Settings\Application Data\opRSK
%UserProfile%\Local Settings\Application Data\pw.exe
%UserProfile%\Local Settings\Application Data\MSASCui.exe
%UserProfile%\AppData\Local\opRSK
%UserProfile%\AppData\Local\pw.exe
%UserProfile%\AppData\Local\MSASCui.exe

The manual removal of files and registries should be performed by experienced users. A system can be badly affected if any error is done during the manual removal. We recommend using automatic removal tools to delete XP Security, if you are not familiar with deleting malware manually.

Tags:

Trackbacks /
Pingbacks

  1. Remove Win 7 Security, Win 7 Security removal help
  2. Remove Vista Security, Vista Security removal guide

Leave a Reply