Registry Defender Platimum
Registry Defender Platinum is a fake Windows registry tool that typically spreads via Trojan infection. It manages to sneak into target computer with Trojan’s sophisticated functionalities. Its stealth intrusion makes surprising attack leaving victims unguarded.
Once Registry Defender Platinum is installed, it pop-ups several warnings and state that issues where found on the registry that when not fix, will cause system crashes. It immediately advises user to purchase the registered version and repair an unlimited number of errors.
Remember that all reports provided by rogue applications are untrue. They do not really occur on the system. By fabricating fake findings, attackers behind Registry Defender Platinum hope to mislead user and force them to pay for this useless registry-cleaning program.
Screen Shot Image:
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista
Characteristics (Analysis)
Malware Behavior
This rogue security application will produce non-existent system errors and prompts user to obtain the full version in order to fix the issues:
Registry Defender Platinum
Warning: More extensive errors were found on this computer than this evaluation.
Please note: This version of Registry Defender is limited to fixing 20 errors. Because there are 141 errors detected on this computer, we strongly recommend that you upgrade to the registered version and fix all of these errors. T upgrade now, click on the “upgrade now” button below.
Some registry errors can cause erratic operation, full system crashes, freezes, or other undesirable results if left alone. Registry Defender will fix these errors.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Registry Defender
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0D987FB6-2CB1-4189-B6A1-5E8185E9A899}
Associated Files and Folders:%UserProfile%\Start Menu\Programs\Startup\RegistryDefender.lnk %UserProfile%\Desktop\Registry Defender.lnk %UserProfile%\Start Menu\Programs\Registry Defender Platinum\Registry Defender.lnk %UserProfile%\Start Menu\Programs\Registry Defender Platinum\User Guide.lnk %UserProfile%\Start Menu\Programs\Registry Defender Platinum\Customer Support.lnk %ProgramFiles%\Registry Defender Platinum\Customer Support.url %ProgramFiles%\Registry Defender Platinum\INSTALL.LOG %ProgramFiles%\Registry Defender Platinum\install.sss %ProgramFiles%\Registry Defender Platinum\mscomctl.ocx %ProgramFiles%\Registry Defender Platinum\RegistryDefender.exe %ProgramFiles%\Registry Defender Platinum\RegistryDefender.exe.manifest %ProgramFiles%\Registry Defender Platinum\report.csv %ProgramFiles%\Registry Defender Platinum\stdole2.tlb %ProgramFiles%\Registry Defender Platinum\Uninstall.exe %ProgramFiles%\Registry Defender Platinum\User Guide.url %ProgramFiles%\Registry Defender Platinum\repair-bar\scanner-repair-1.jpg
webmaster
Jul 08, 2008 @ 13:20:50
1. Temporarily Disable System Restore (Windows Me/XP/Vista/7) . [how to]
2. Update the virus definitions.
3. Reboot Windows in Safe Mode. [how to]
4. Run a full system scan and clean/delete all infected file(s)
5. Delete/Modify any values added to the registry. [how to edit registry]
Navigate to and delete the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
\{0D987FB6-2CB1-4189-B6A1-5E8185E9A899}\”SilentSettings” = “%ProgramFiles%\Registry Defender Platinum\install.sss”
Navigate to and delete the following registry subkey:
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Registry Defender
6. Exit registry editor and restart Windows.
7. In order to make sure that threat is completely eliminated, carry out a full scan of your system using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.