Antimalware Defender

Antimalware Defender is another potentially unwanted program that can invade a computer by means of a Trojan. Upon infection, the Antimalware Defender virus modifies the Internet browser and redirects it to a fake security web site. Visiting the site runs a script that downloads and executes a copy of Antimalware Defender on the user's computer. After successful installation, Antimalware Defender immediately displays a fake virus scan and false alerts that aim to mislead users into buying the paid version of this useless program.

Excessive taskbar and pop-up alerts will also be displayed on the compromised computer, stating that it is severely infected. It also posts a notice about dozens of threats residing on the computer. This trick may provoke users to click the "Remove" button, which redirects them to a fraudulent payment-processing website. As with other rogue programs, buying the registered version of Antimalware Defender will not resolve the computer's issues; it is a complete waste of money. In addition, the counterfeit web site can steal your credit card information and make further unauthorized charges.

Screen Shot Image: Antimalware Defender (image not reproduced here)

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Characteristics (Analysis)
Antimalware Defender is a misleading security application. It can be installed manually if the user believes it to be beneficial. Through various deceptive actions, Antimalware Defender can trick users with little effort. Most of the time, this potentially unwanted application is secretly installed on the target computer through a Trojan infection or a fake online virus scanner. The files it drops on the system exist only to support its fraud operation and do not spread on their own. However, the Trojan that delivers it can cause harm like other known malware. The Trojan associated with Antimalware Defender can communicate with a remote server to download more threats.

Added Registry Entries:
HKEY_CLASSES_ROOT\CLSID\{ca84c702-c758-4421-974e-b02662e76d7c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bv97r087-t764-4432-783f-h8978w56d8x}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "bv97r087-t764-4432-783f-h8978w56d8x_5" 
Associated Files and Folders:
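Added example, not part of the original page: a read-only PowerShell check (run as an administrator) for the registry entries listed above and for a startup-folder shortcut named after the same identifier. The shortcut file name and the startup folder locations are assumptions of this example, and the script only reports; it removes nothing.

```powershell
# Added example (not from the original page): read-only check for the
# Antimalware Defender persistence artifacts. Identifiers come from the
# page's registry listing; the startup .lnk path is an assumption.
$valueName = 'bv97r087-t764-4432-783f-h8978w56d8x_5'
$bhoGuid   = '{bv97r087-t764-4432-783f-h8978w56d8x}'
$clsid     = '{ca84c702-c758-4421-974e-b02662e76d7c}'

$findings = @()

# 1. Per-user autostart value under HKCU\...\Run
$runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run -and ($run.PSObject.Properties.Name -contains $valueName)) {
    $findings += "Run value '$valueName' -> $($run.$valueName)"
}

# 2. Browser Helper Object registration (the browser-redirect component)
$bhoKey = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\$bhoGuid"
if (Test-Path -Path $bhoKey) { $findings += "BHO key present: $bhoKey" }

# 3. COM class registration (HKCR has no default PSDrive, so use the provider path)
$clsidKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid"
if (Test-Path -Path $clsidKey) { $findings += "CLSID key present: $clsidKey" }

# 4. Startup-folder shortcut, per-user and all-users (assumed file name)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)
foreach ($dir in $startupDirs) {
    $lnk = Join-Path -Path $dir -ChildPath "$valueName.lnk"
    if (Test-Path -Path $lnk) { $findings += "Startup shortcut present: $lnk" }
}

if ($findings.Count -eq 0) {
    Write-Output 'No Antimalware Defender artifacts found.'
} else {
    Write-Output 'Possible Antimalware Defender artifacts (review before removal):'
    $findings | ForEach-Object { Write-Output "  $_" }
}
```

Any hit is a cue to proceed with the removal steps below rather than a verdict on its own, since a value name can be reused by later variants or by unrelated software.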

How to Remove Antimalware Defender

1. Temporarily disable System Restore (Windows Me/XP).
2. Open your antivirus application and update the virus definition file. This ensures that your antivirus program can detect even newer variants of Antimalware Defender.

3. Start Windows in Safe Mode with Networking.
- From a powered-off state, turn on the computer and press F8 on your keyboard repeatedly.
- Your computer will display the Windows Advanced Boot Options menu. Select Safe Mode with Networking.
- The system will now boot Windows and load only the necessary drivers and files.

4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If they cannot be deleted, place them in quarantine. Once the scan is complete, proceed with the next step.

Online Virus Scanner:

Another way to remove Antimalware Defender without installing an additional antivirus application is to perform a thorough scan with a free online virus scanner, which can be found on the websites of legitimate anti-virus and security providers.

5. Go to the Online Virus Scanner list and run a virus scan. This may require plug-ins, add-ons or an ActiveX object; install them if you want to proceed with the scan.
6. After completing the necessary download, your system is ready for online virus scanning.
7. Select the option that scans the computer thoroughly, to make sure it finds and completely removes any infections not detected by the previous scan.
8. Remove or delete all detected items.
9. When scanning is finished, restart the computer in normal mode.

Automatic Removal of Antimalware Defender

To completely remove the threat, it is best to download and run Malwarebytes Anti-Malware. Sometimes Trojans will block the download and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before running it on the infected machine.