XP Defender Pro and Vista Defender Pro are rogue security programs that aggressively spreads through malicious web sites. It forces and entry to computers by exploiting software vulnerabilities. XP Defender Pro virus can penetrate a system without a notice and undetected by an antivirus program. It has the power to embed itself on legitimate system files.
At first stage, it will attempt to hijack Internet browsers and redirect it to a website that will perform virus scan on the computer. The scan will display fake results and attempt to convince users to use XP Defender Pro as a virus remover. Next, it will request to download and install the trial version of fake antivirus software. If completed, it will launch a virus scan and keeps on detecting files and viruses that were not present on the PC. This trick will deceive users and force them to register the program, claiming it as the only solution in removing computer threats. Even with the activated version of XP Defender Pro threats will remain on the computer as long as this rogue security program stays.
The only possible way to resolve this issue is by making use of effective anti-malware product to fully scan the computer.
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Presence of XP Defender Pro and Vista Defender Pro on target computer will produce excessive alert messages to mislead victims. Some of these alerts are the following:
XP Defender Pro Firewall Alert!
XP Defender Pro has blocked a program from accessing the Internet
Internet Explorer is infected with Trojan-BNK.Win32-Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Severe system damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.
XP Defender ALERT
System integrity threat!
Warning! Sensitive data may be sent over your Internet connection right now!
Attack from: 126.96.36.199 port: 6301
Attacked port: 4637
XP Defender Pro Removal Procedures
Systematic procedures to get rid of the threat are presented on this section. Make sure to scan the computer with suggested tools and scanners.
NOTE: It is recommended to PRINT or BOOKMARK this instruction because we need to restart Windows during the virus removal process.
Step 1 : Uninstall XP Defender Pro from Windows
1 On Windows Start menu, type Uninstall on Search field. Select Apps & Features on the list. For lower version of Windows, please choose Program and Features. You can uninstall or modify any installed application using this feature.
2 On next window, look for the item "XP Defender Pro" from the list and then, click on Uninstall button.
3 When it prompts for confirmation, please click Uninstall to start deleting XP Defender Pro from Windows operating system.
Step 2 : Remove XP Defender Pro remaining items with this tool
This guide requires a tool called Malwarebytes' Anti-Malware. It is a free tool designed to eradicate various computer infections including XP Defender Pro. MBAM scanner and malware removal tool is distributed for free.
4 In order to completely remove XP Defender Pro, it is best to download and run the recommended tool. Please click the button below to begin the download process.
5 After downloading, right-click on the file mb3-setup-consumer-[version].exe and select Run as Administrator to install the application.
6 Follow the prompts and install with dafault settings. There are no changes needed during the installation process.
7 Malwarebytes Anti-Malware will launch for the first time. If it prompts for database update, it is necessary proceed with this step.
8 Click on Scan Now button on scanner's console to ensure that it thoroughly check the PC for any presence of XP Defender Pro and other forms of threats.
9 Once the scan has completed, Malwarebytes Anti-Malware will issue a list of identified threats. Mark all threats and remove them from the computer.
10 If it prompts to restart the computer, please reboot Windows normally.
Step 3 : Double-check if XP Defender Pro still exists
11 Click on the button below to download Norton Power Eraser from official web site. File will be save on your Windows Downloads folder.
12 After downloading, navigate its location and double-click on the NPE.exe file to launch the program.
13 Norton Power Eraser will run. If it prompts for End User License Agreement, please click on Accept to proceed.
14 On NPE main window, click on Unwanted Application Scan to quickly check the computer for malicious programs including XP Defender Pro.
Step 4 : Run Additional Scanner to Ensure that XP Defender Pro is Totally Deleted
Online Virus Scanner:
Another way to remove a virus without the need to install additional anti-virus software is to perform a thorough scan with free Online Virus Scanner. Browse this page to see a list of free services from specific anti-virus and security company.
Alternative Removal Procedures for XP Defender Pro
Use Windows System Restore to return Windows to previous state
During an infection, XP Defender Pro drops various files and registry entries. The threat intentionally hides system files by setting options in the registry. With these rigid changes, the best solution is to return Windows to previous working state is through System Restore.
To verify if System Restore is active on your computer, please follow the instructions below.
1 On Windows Start menu, type RSTRUI on search field. Then, click the item or press Enter on keyboard.
2 "Restore system files and settings" window will appear. Click Next button to see the list of active restore points.
3 Select the most recent one prior to having XP Defender Pro infection. Click Next to restore Windows to previous working and clean state.
4 It may take a while to fully restore back-up files. Restart Windows when done.
Optional : XP Defender Pro manual uninstall guide
IMPORTANT! Manual removal of XP Defender Pro requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.
1. Kill any running process that belongs to XP Defender Pro.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for XP Defender Pro files (refer to Technical Reference) and click End Process.
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section.
- Close registry editor. Changes made will be saved automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
- Thoroughly scan the computer with your updated antivirus software.
4. Delete all files dropped by XP Defender Pro.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.