XP Defender Pro and Vista Defender Pro

XP Defender Pro and Vista Defender Pro are rogue security programs that aggressively spreads through malicious web sites. It forces and entry to computers by exploiting software vulnerabilities. XP Defender Pro virus can penetrate a system without a notice and undetected by an antivirus program. It has the power to embed itself on legitimate system files.

At first stage, it will attempt to hijack Internet browsers and redirect it to a website that will perform virus scan on the computer. The scan will display fake results and attempt to convince users to use XP Defender Pro as a virus remover. Next, it will request to download and install the trial version of fake antivirus software. If completed, it will launch a virus scan and keeps on detecting files and viruses that were not present on the PC. This trick will deceive users and force them to register the program, claiming it as the only solution in removing computer threats. Even with the activated version of XP Defender Pro threats will remain on the computer as long as this rogue security program stays.

The only possible way to resolve this issue is by making use of effective anti-malware product to fully scan the computer.

Screenshot Image:

Image of XP Defender Pro

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Characteristics (Analysis)

Malware Behavior

Presence of XP Defender Pro and Vista Defender Pro on target computer will produce excessive alert messages to mislead victims. Some of these alerts are the following:

XP Defender Pro Firewall Alert!
XP Defender Pro has blocked a program from accessing the Internet
Internet Explorer is infected with Trojan-BNK.Win32-Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

Stealth intrusion! Image

System hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.

System hijack! Image

Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.

Severe system damage! Image

XP Defender ALERT
System integrity threat!
Warning! Sensitive data may be sent over your Internet connection right now!

Attack from: port: 6301
Attacked port: 4637
Threat: Macro.PPoint.ShapeShift

System integrity threat! Image

XP Defender Pro Removal Procedures

Systematic procedures to get rid of the threat are presented on this section. Make sure to scan the computer with suggested tools and scanners.

NOTE: It is recommended to PRINT or BOOKMARK this instruction because we need to restart Windows during the virus removal process.

Step 1 : Uninstall XP Defender Pro from Windows

1 On Windows Start menu, type Uninstall on Search field. Select Apps & Features on the list. For lower version of Windows, please choose Program and Features. You can uninstall or modify any installed application using this feature.

Program and Features

2 On next window, look for the item "XP Defender Pro" from the list and then, click on Uninstall button.

Remove Malicious Apps

3 When it prompts for confirmation, please click Uninstall to start deleting XP Defender Pro from Windows operating system.

Step 2 : Remove XP Defender Pro remaining items with this tool

This guide requires a tool called Malwarebytes' Anti-Malware. It is a free tool designed to eradicate various computer infections including XP Defender Pro. MBAM scanner and malware removal tool is distributed for free.

4 In order to completely remove XP Defender Pro, it is best to download and run the recommended tool. Please click the button below to begin the download process.

Download Tool

5 After downloading, right-click on the file mb3-setup-consumer-[version].exe and select Run as Administrator to install the application.

6 Follow the prompts and install with dafault settings. There are no changes needed during the installation process.

7 Malwarebytes Anti-Malware will launch for the first time. If it prompts for database update, it is necessary proceed with this step.

8 Click on Scan Now button on scanner's console to ensure that it thoroughly check the PC for any presence of XP Defender Pro and other forms of threats.

Scan Now

9 Once the scan has completed, Malwarebytes Anti-Malware will issue a list of identified threats. Mark all threats and remove them from the computer.

10 If it prompts to restart the computer, please reboot Windows normally.

Step 3 : Double-check if XP Defender Pro still exists

11 Click on the button below to download Norton Power Eraser from official web site. File will be save on your Windows Downloads folder.

NPE Download

12 After downloading, navigate its location and double-click on the NPE.exe file to launch the program.

13 Norton Power Eraser will run. If it prompts for End User License Agreement, please click on Accept to proceed.

14 On NPE main window, click on Unwanted Application Scan to quickly check the computer for malicious programs including XP Defender Pro.

Norton Power Eraser

15 NPE will proceed with the scan. It will search for Trojans, viruses, and malware like XP Defender Pro. This may take some time, depending on the number of files currently stored on the computer.

Step 4 : Run Additional Scanner to Ensure that XP Defender Pro is Totally Deleted

Online Virus Scanner:
Another way to remove a virus without the need to install additional anti-virus software is to perform a thorough scan with free Online Virus Scanner. Browse this page to see a list of free services from specific anti-virus and security company.

Alternative Removal Procedures for XP Defender Pro

Use Windows System Restore to return Windows to previous state

During an infection, XP Defender Pro drops various files and registry entries. The threat intentionally hides system files by setting options in the registry. With these rigid changes, the best solution is to return Windows to previous working state is through System Restore.

To verify if System Restore is active on your computer, please follow the instructions below.

1 On Windows Start menu, type RSTRUI on search field. Then, click the item or press Enter on keyboard.

RSTRUI Command

2 "Restore system files and settings" window will appear. Click Next button to see the list of active restore points.

3 Select the most recent one prior to having XP Defender Pro infection. Click Next to restore Windows to previous working and clean state.

4 It may take a while to fully restore back-up files. Restart Windows when done.

Optional : XP Defender Pro manual uninstall guide

IMPORTANT! Manual removal of XP Defender Pro requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to XP Defender Pro.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for XP Defender Pro files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section.
- Close registry editor. Changes made will be saved automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
- Thoroughly scan the computer with your updated antivirus software.

4. Delete all files dropped by XP Defender Pro.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Associated Files and Folders:Added Registry Entries:

About Marco Mathew

Marco Mathew works as Windows Network administrator before establishing precisesecurity.com. Now, Marco is dedicating full-time to help computer users' fight viruses, malware, trojan, worms, adware, and potentially unwanted programs.


  1. Avatarabc defg

    Wanted to say thanks, and let you know that the manual removal instructions were very helpful, and worked great. Thanks to you, I’m rid of this insidious virus!

  2. AvatarAlexandru Fira

    You are wasting your time. Switch to Linux !

  3. Avatarha long


  4. AvatarLaney

    What is the key

  5. AvatarLyskar

    Use Windows security essentials, it’s free, from Microsoft and provides basic protection. or ask your internet provider; some offer a free license on the antivirus of their choice.

  6. Avataronur

    Is there likely to crash my computer?

  7. Avatarresul

    hepiniz orospu cocugusunuz

  8. Avatarearl

    this program is worse than you are claiming.. it locks you out of your bios and takes over your pc. and sends your info on it to another remote pc..

Leave a Comment

Your email address will not be published. Required fields are marked *