WinDefender 2008
WinDefender 2008 is a useless computer protection program. WinDefender 2008 endorses self as a useful anti-virus application that can find and remove threats when installed on the computer. This potentially harmful product may look like a decent security device but what lies behind its nice-looking graphical user interface (GUI) are misleading tactics that aims to persuade users into purchasing the paid version of WinDefender 2008.
Using phony security information, WinDefender 2008 attempts to convince victims that system is under virus attack. In fact, it will detect a number of threats namely Win32.Mytob.M, Win32/Netsky.X, Win32/Sality.NAJ, Win32/Mytob.FM, Win32/Mytob.CY and Win32/Mytob.K.
After posting the false security threats, WinDefender 2008 then advise computer user to pay for the full version of the program to be able to clean the system. If user fails to comply, the rogue program will bombard the desktop with annoying pop-up alerts, browser redirects and other irregularities.
This kind of program must be eliminated as soon as possible. Remove WinDefender 2008 using only legitimate security product to ensure that safety of the PC is in top priority.
Screen Shot Image:
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista
Show More DetailsMalware Behavior
When WinDefender 2008 is running on the computer, it commences a virus scan on its own. The scan will identify hundreds of threats that do not really exist. Additionally, this rogue application also displays fake warning such as the following:
Warning!!!
Current threats detected by WinDefender 2008 today.
This information is provided based on current threats level and Internet user’s database. WinDefender is trying to detect and remove all items.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"WinDefender 2008" = "C:\Program Files\WinDefender 2008\WDefDemo.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\delwdef2008.bat" = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\delwdef2008.bat"Associated Files and Folders:
C:\Documents and Settings\All Users\Start Menu\WinDefender 2008 Unregistered\Launch WinDefender 2008.lnk C:\Documents and Settings\All Users\Start Menu\WinDefender 2008 Unregistered\On the web.lnk C:\Documents and Settings\All Users\Start Menu\WinDefender 2008 Unregistered\Support.lnk C:\Documents and Settings\All Users\Start Menu\WinDefender 2008 Unregistered\Uninstall WinDefender 2008.lnk %UserProfile%\Desktop\Launch WinDefender 2008.lnk %UserProfile%\Local Settings\Temp\delwdef2008.bat %UserProfile%\Local Settings\Temp\Temporary Directory 1 for temp.zip\blockSite %UserProfile%\Local Settings\Temp\(random).tmp %ProgramFiles%\WinDefender 2008\data.dat %ProgramFiles%\WinDefender 2008\FwHookDrv.sys %ProgramFiles%\WinDefender 2008\HOSTS.hst %ProgramFiles%\WinDefender 2008\reserve.dat %ProgramFiles%\WinDefender 2008\siren.wav %ProgramFiles%\WinDefender 2008\svo.scf %ProgramFiles%\WinDefender 2008\Uninstall.exe %ProgramFiles%\WinDefender 2008\Uninstall_st_st_.exe %ProgramFiles%\WinDefender 2008\WDefDemo.exe
webmaster
Jul 08, 2008 @ 13:22:41
1. Temporarily Disable System Restore (Windows Me/XP/Vista/7) . [how to]
2. Update the virus definitions.
3. Reboot Windows in Safe Mode. [how to]
4. Run a full system scan and clean/delete all infected file(s)
5. Delete/Modify any values added to the registry. [how to edit registry]
Navigate to and delete the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”WinDefender 2008″ = “C:\Program Files\WinDefender 2008\WDefDemo.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\”C:\DOCUME~1
\ADMINI~1\LOCALS~1\Temp\delwdef2008.bat” = “C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\delwdef2008.bat”
Navigate to and delete the following registry subkeys:
HKEY_CURRENT_USER\Software\WinDefender 2008
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinDefender 2008
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FwHookDrv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FwHookDrv
6. Exit registry editor and restart Windows.
7. In order to make sure that threat is completely eliminated, carry out a full scan of your system using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.
paula
Jul 31, 2008 @ 15:53:44
I need to know if I can be contacted by a rep. I had ordered this program on line and canceled it and the money was taken out of my account when it should not have. plus I received $99.00 over draft fees on top of the 104.85. I really need to speak with someone regarding this matter. I can be reached at 401-766-0579 or 401-822-3030 ext# 170
precisesecurity
Sep 21, 2008 @ 01:43:13
1. Download Malwarebytes’ Anti-Malware (mbam-setup.exe) and save it on your Desktop.
2. After downloading, double-click on mbam-setup.exe to install the application.
3. Follow the prompts and install as “default” only
4. Before the installation completes, check on the following prompts:
– Update Malwarebytes’ Anti-Malware
– Launch Malwarebytes’ Anti-Malware
5. Click “Finish.” Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished, click on the “Show Results”
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart Windows.
Ben & Jerry's Mom
Sep 23, 2008 @ 15:08:43
While running McAfee Security Two days ago I got an error message which came up in red stating I had no anti virus on my computer. I also got the message my computer was at risk. At that time WinDefender name showed. Being taken aback that no anti virus was on the computer and knowing I had Comcast and McAfee installed I wondered if something had happened that the programs didn’t run. As it looked like WinDefender came from the same program as McAfee I decided to make the purchase after WinDefender since it was popping up continuously and not allowing me to surf the Internet. After purchasing an error message appeared saying IE did not allow it to install. After that I found I could not connect to the Internet using IE. I tried using Firefox but wasn’t able to connect using that eithere. Today I ran Spyware Doctor and found, after installing WinDefender that I had 9 threats, four of which were high and included Trojans and worms. I had 73 infections as well on my PC, none of which had previously been there! This software, WINDEFENDER is nothing more than bundled threats and infections! DO NOT PURCHASE THIS PROGRAM!