Home Malware Programs Rogue Anti-Spyware Programs AXPDefender

AXPDefender

Posted: May 20, 2008

AXPDefender, also known as AdvancedXPDefender, is a rogue anti-spyware program designed to scare you into purchasing AXPDefender's full version. Once installed, AXPDefender will run a scan of your computer and generate exaggerated spyware threats which are usually false positives.

When the scan is complete, the 'scan results' window appears which shows how many spyware threats your computer allegedly has. This tactic is an attempt to trick you into purchasing AXPDefender's commercial version. In addition, AXPDefender may generate annoying popup advertisements that may cause unstable system performance.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %common_desktopdirectory%\axpdefender.lnk
    2 %common_programs%\advanced xp defender.lnk
    3 %common_programs%\advanced xp defender\advanced xp defender.lnk
    4 %common_programs%\advanced xp defender\how to register.lnk
    5 %common_programs%\advanced xp defender\license agreement.lnk
    6 %common_programs%\advanced xp defender\register.lnk
    7 %common_programs%\advanced xp defender\uninstall.lnk
    8 %program_files%\axpdefender\axpdefender.exe
    9 %program_files%\axpdefender\axpdefender.exe.local
    10 %program_files%\axpdefender\axpdefenderskin.dll
    11 %program_files%\axpdefender\database.dat
    12 %program_files%\axpdefender\license.txt
    13 %program_files%\axpdefender\mfc71.dll
    14 %program_files%\axpdefender\mfc71enu.dll
    15 %program_files%\axpdefender\msvcr71.dll
    16 %program_files%\axpdefender\uninstall.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\software\axpdefenderHKEY_LOCAL_MACHINE\software\axpdefender mguidHKEY_LOCAL_MACHINE\software\axpdefender\axpdefenderHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender advidHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender automaticallyupdatesHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender backgroundscanHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender backgroundscantimeoutHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender databaseversionHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender daysintervalHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender domainHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender engineversionHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender guiversionHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender installationidHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender installdirHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender lasttimestampHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender minimizeonstartHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender programversionHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender proxynameHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender proxyportHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender registrationdiscurlHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender registrationurlHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender scandepthHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender scanpriorityHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender scansystemonstartupHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender softidHKEY_LOCAL_MACHINE\software\axpdefender\axpdefender\settingsHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run axpdefenderHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}axpdefenderaxpdefender displaynameaxpdefender uninstallstring
Loading...