XP Defender 2013

XP Defender 2013 Description

ScreenshotXP Defender 2013 is a fake anti-virus program. This fake security application is part of a very large family of malware, the family that has been around for several years. ESG security researchers have dealt with this family of malware in the past, and there are versions of XP Defender 2013 dating to previous years, with names such as XP Defender 2012 and XP Defender 2011. All of these are the same fake security program with a different name and slight changes to the program's graphic interface. XP Defender 2013 and its variants are all malicious and should be dealt with using a reliable anti-malware program.

There are many variants and clones of XP Defender 2013. These include fake security programs with names like

Fake security software in XP Defender 2013's family of malware is characterized by its ability to change in order to match the infected computer's operating system. XP Defender 2013 is the variant of this threat that attacks computers with the Windows XP operating system. However, computers with the Windows 7 or Windows Vista operating systems will be infected by Windows 7 Defender 2013 or Vista Defender 2013 respectively. This happens because the Trojan that installs XP Defender 2013 first detects the victim's computer's operating system and then installs a version of XP Defender 2013 that will match that operating system.

There are few differences between XP Defender 2013 and most other fake security programs. Basically, XP Defender 2013 will try to trick the PC user into believing that their machine has become infected with malware. It will harass the victim with numerous error messages and fake system alerts, all designed to convince the victim to 'upgrade' to a premium version of XP Defender 2013, but upgrading is expensive and just as useless. Both the 'full version' and the 'free' version of XP Defender 2013 have no way of detecting or removing malware in the victim's computer. Even worse, these fake security programs use malicious scripts, associated Trojans and other malware techniques in order to cause problems deliberately on the victim's computer in order to gain access to the victim's credit card information and steal the victim's money.

Technical Information

Screenshots & Other Imagery

XP Defender 2013 Image 1 XP Defender 2013 Image 2 XP Defender 2013 Image 3 XP Defender 2013 Image 4 XP Defender 2013 Image 5 XP Defender 2013 Image 6 XP Defender 2013 Image 7

Registry Details

XP Defender 2013 creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon\ %1
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\Content Type application/x-msdownload
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\ "%1" %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open\command\ "[RANDOM CHARACTERS_1].exe" -a "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\ [RANDOM CHARACTERS_0]
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\IsolatedCommand "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\ Application
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\DefaultIcon\ %1
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas\command\IsolatedCommand "%1" %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\Content Type application/x-msdownload
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\ "[RANDOM CHARACTERS_1].exe" -a "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\IsolatedCommand "%1" %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\runas\command\ "%1" %*
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open\command
HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS_0]\shell\open\command\IsolatedCommand "%1" %*

More Details on XP Defender 2013

The following messages associated with XP Defender 2013 were found:
Attention: Danger!
Alert! System scan for spyware, adware, Trojans and viruses is complete. Win 7 Defender 2013 detected 31 critical system objects. These security breaches may be exploited and lead to the following:
Your system becomes a target for spam and bulky, intruding ads
Browser crashes frequently and web access speed decreases
Your personal files, photos, document and passwords get stolen
Your computer is used for criminal activity behind your back
Bank details and credit card information gets disclosed
Computer security is at risk! Your PC is still under malware attack. Dangerous programs were found to be running in the background. System crash and identity theft are likely. Remove malware now and get real time intrusion protection?
Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card
details and passwords. Click here to perform a security repair

Click Register to register your copy of XP Defender 2013 and perform threat removal on your system. The list of infections and vulnerabilities detected will become available after registration
Security breach!
Beware! Spyware infection was found. Your system security is at risk. Private information may get stolen, and your PC activity may get monitored. Click for an anti-spyware scan
System hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan
Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan
XP Defender 2013 ALERT
System integrity threat!
Warning! Sensitive data may be sent over your Internet connection right now!

Related Posts

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.