XP Defender Pro

March 17th, 2010
Home » Rogue Antispyware » XP Defender Pro
Repair and protect your computer easily. Download XP Defender Pro removal tool  

XP Defender Pro description

XP Defender Pro is a rogue protection program even if it states the other way round. It is accompanied by a malicious trojan which enters the system and leaves a backdoor for XP Defender Pro to come in. It is also a new clone of XP Internet Security 2010 malware. The fake security program only looks like a real antispyware application, but it can’t make any security actions.

As common to other malwares this bogus system also scans user’s computer secretly and then shows fake results with a conclusion that your PC is infected. These warnings about user’s PC being in a high risk is a fraud. It only tries to trick you to purchase illegal anti-spyware tool. Yo need to delete the parasite immediately and make sure you’ve deleted all the affiliated files too.

Manual XP Defender Pro Removal


XP Defender Pro processes:

ave.exe
Help: A Guideline of Killing Malicious Processes


XP Defender Pro registry values:

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\secfile
HKEY_CURRENT_USER\Software\Classes\secfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\secfile\shell
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\secfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “%AppData%\ave.exe” /START “%1″ %*
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “%1″ %*
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “secfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | @ = “%AppData%\ave.exe” /START “%1″ %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | IsolatedCommand = “%1″ %*
Help: How to edit windows registry entries


Other malicious XP Defender Pro files:

%AppData%\ave.exe

The manual removal of files and registries should be performed by experienced users. A system can be badly affected if any error is done during the manual removal. We recommend using automatic removal tools to delete XP Defender Pro, if you are not familiar with deleting malware manually.

Tags:

Trackbacks /
Pingbacks

  1. Remove Win 7 Defender, Win 7 Defender removal help
  2. Remove Antispyware XP, Antispyware XP removal tutorial

Leave a Reply