XP Defender description
XP Defender is a fake security tool. This malware is malicious even if it acts like legitimate program. With the aid of trojan infections, spam emails and various websites it tends to be affiliated, one can easily fall victim to this fraudulent application.
Once installed it will display false system security threats and the will prompt you to buy a full version of this program to remove security issues that don’t even there. Malware neither has an ability to detect nor remove computer threats therefore it is not be trusted. it may also hijack your browser to deceptive websites that sell illegal tool. If you choose to purchase it your money will go to bad people who will use it for their malicious intentions, that is why we highly recommend you to ignore the warnings. You’ve better use an effective anti-spyware tool and terminate the parasite as soon as possible.
Manual XP Defender Removal
XP Defender processes:
ave.exe
Help: A Guideline of Killing Malicious Processes
XP Defender registry values:
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1?
Help: How to edit windows registry entries
Other malicious XP Defender files:
ave.exe