How to remove XP Defender 2013 virus.

XP Defender 2013 is a new computer virus has recently appeared to the worldwide web. XP Defender 2013 is a virus which includes Vista Defender 2013 and Win 7 Defender 2013. This application acts and looks just like a legitimate antivirus, though this is indeed a real nightmare for a PC owner because it is a severe virus indeed. The badware squeezes onto the target machine via drive-by downloads from Internet pages containing malicious scripts. These could be either special designed Web sites with lots of attractive ads and links, or hacked legitimate web resources such as search systems and social networks etc. The virus infiltrates into the system invisibly It adds special registry entries to launch with every Windows login.


The victim usually sees the warning alerts with the following content.

“Attention: Danger!
Alert! System scan for spyware, adware, Trojans and viruses is complete. XP Defender 2013 detected 31 critical system objects. These security breaches may be exploited and lead to the following:
Your system becomes a target for spam and bulky, intruding ads
Browser crashes frequently and web access speed decreases
Your personal files, photos, document and passwords get stolen
Your computer is used for criminal activity behind your back
Bank details and credit card information gets disclosed”
“Click Register to register your copy of XP Defender 2013 and perform threat removal on your system. The list of infections
and vulnerabilities detected will become available after registration”

“Computer security is at risk! Your PC is still under malware attack. Dangerous programs were found to be running in the background. System
crash and identity theft are likely. Remove malware now and get real time intrusion protection?”

“System hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan”

“Security breach!
Beware! Spyware infection was found. Your system security is at risk. Private information may get stolen, and your PC activity may get monitored. Click for an anti-spyware scan”

“Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card
details and passwords. Click here to perform a security repair”

“Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan”

“XP Defender 2013 ALERT
System integrity threat!
Warning! Sensitive data may be sent over your Internet connection right now!
Details Attack from 252.211.92.28 port: 20928
Attacked port: 35268
Threat: Trojan-Proxy.Win32.Agent.x
Do you want to block this attack?”

Furthermore, it is difficult to delete the malware because its developers are not interested in their product being easily removable. It can even block the real anti-viruses. In such way it protects itself from being detected. So the cleaning process could be only possible by means of modern powerful anti-virus software. It imitates system scanners and produce numerous fake virus alerts and notifications concerning the system’s condition. Such warnings, as well as scan results are unreal, intended to frighten the user and prompt him/her to buy the commercial version of this software. This is what it’s all about – stealing your hard-earned funds is the main goal of the hackers who have released this utility. To protect oneself from the danger, one should be cautious about visiting unfamiliar Internet pages and keep the legitimate antivirus constantly turned on and updated. Now it is must to get this one off of your computer system. The easy and effective removal is available for you by means of GridinSoft Trojan Killer. The step-by-step removal guide is in your disposal in the section below

  1. Run GridinSoft Trojan Killer:
    Click Win+R and type the direct link for the program’s downloading. http://trojan-killer.net/download.php

  2. If your PC is totally blocked and any attemps to launch the computer in such manner are in vain, use this method:
    take your USB flash drive / Memory Stick and download GridinSoft Trojan Killer installation file from this site http://trojan-killer.net/download.php and save it to your USB flash drive / Memory Stick. Get back to your infected PC and insert the USB Drive / Memory Stick into the respective USB slot.

  3. Install GridinSoft Trojan Killer. (If you have Win 7 you need to click the right mouse button on the icon, pick “Run as” and choose with administrator
    rights.If your PC is totally blocked and any attemps to launch the computer in such manner are in vain, use this method:
    take your USB flash drive / Memory Stick and download GridinSoft Trojan Killer installation file from this site http://trojan-killer.net/download.php and save it to your USB flash drive / Memory Stick. Get back to your infected PC and insert the USB Drive / Memory Stick into the respective USB slot, install and launch GridinSoft Trojan Killer.
  4. IMPORTANT!

    Don’t uncheck the Start Trojan Killer checkbox at the end of installation!

    checkbox
    checkbox

    Manual removal guide of XP Defender 2013 virus:

    Delete XP Defender 2013 files:

    • %LocalAppData%\[rnd_2]
    • %Temp%\[rnd_2]
    • %UserProfile%\Templates\[rnd_2]
    • %CommonApplData%\[rnd_2]

    Delete XP Defender 2013 registry entries:

    • HKEY_CURRENT_USER\Software\Classes\.exe
    • HKEY_CURRENT_USER\Software\Classes\.exe\ [rnd_0]
    • HKEY_CURRENT_USER\Software\Classes\.exe\Content Type application/x-msdownload
    • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
    • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon\ %1
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\IsolatedCommand “%1″ %*
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\ “%1″ %*
    • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\IsolatedCommand “%1″ %*
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\ Application
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\Content Type application/x-msdownload
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon\ %1
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\IsolatedCommand “%1″ %*
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\ “%1″ %*
    • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\IsolatedCommand “%1″ %*

4 thoughts on “How to remove XP Defender 2013 virus.

Leave a Comment

*