Security Defense

Security Defense is a security application that, in all aspect is not capable of protecting the computer against viruses. Therefore, it is rogue software. Security Defense is so aggressive that it can break into someone’s PC in a variety of ways. To fulfill its very own objective of ruling the system, it pushes infection into Windows registry and adds some changes. Technically, this process makes things uncomplicated for the rogue program to control the operation of your machine as system runs. It will be impossible to track virus’ moves specifically if antivirus is disabled.  Many other malicious files are set to be fetch from different servers that will help expand the damages Security Defense can cause.

All of the mentioned anomalies may occur when visiting infected web sites. Downloading files from file-sharing networks is a contributing factor to the spread of Security Defense. Unconsciously, opening emails and links from instant messages programs can also lead to virus infection.

If Security Defense has succeeded in getting inside the computer, you’ll begin to realize of its destructive force when all programs are kept unusable. Certainly, Security Defense will not admit its offense. Instead it will disguise as legitimate anti-virus program and start to notify you that all programs are infected with virus. The fake AV suddenly suggests doing a complete clean-up by using the registered version of Security Defense. As you can notice, what it does was to intelligently promote a useless product. Don’t buy Security Defense and save your money for an effective security product that you may need to protect your PC against incoming attack.

Beware of this and other bogus software from the same group like Security Protection and Malware Protection.

Screen Shot Image:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Security Defense Removal Procedures

SECURITY DEFENSE REMOVAL TOOL:
Scanning with removal tool is the easiest way to remove Security Defense virus. Instead of going through the complicated process of finding files and registry entries, you can start diagnostic by downloading the removal tool.

As expected, some virus will prevent you to download this program by blocking access to Internet or website. If you encounter this, use another machine to obtain the file. Do not forget to rename it before installing.

MANUAL REMOVAL PROCEDURE:
1. Press Ctrl+Alt+Del on keyboard to stop process associated to “Security Defense”. When Windows Task Manager opens, go to Processes Tab and find and end the following process:
defender.exe.exe

2. You need to update your installed antivirus application to have the latest database.

3. Thoroughly scan the system and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to Security Defense Virus.

4. Registry entries created by Security Defense must also be removed from the Windows system. Please refer below for entries associated to the rogue program.
- For Windows 2000/XP: Go to Start > Run, type “regedit” on dialog box then press Enter on keyboard.
- For Windows Vista/7: Go to Start > Search Program and Files, type “regedit” and press Enter.

5. Exit registry editor.

6. Get rid of Security Defense start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s):
defender.exe.exe

7. Click Apply and restart Windows.

Technical Details and Additional Information:

Malicious Files Added by Security Defense
%AppData%\defender.exe
%UserProfile%\Start Menu\Security Defense.lnk

File Location for Windows Versions:

  • %UserProfile% for Vista/7 user is C:\Users\<Current User> for Windows Vista/7, for Windows XP/2000 this is C:\Documents and Settings\<Current User>.
  • %AppData% for Vista/7 refers to C:\Users\<Current User>\AppData\Roaming, while for Windows XP/2000 user it is C:\Documents and Settings\<Current User>\Application Data.

Security Defense Registry Entries:
HKEY_CURRENT_USER\Software\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Security Defense”

Alternative Removal Method for Security Defense

Option 1 : Use Windows System Restore to return Windows to previous state

If Security Defense enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Security Defense infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.