Posts Comments

You are here: Home / Virus Removal / Antimalware Defender

Virus RemovalIf You Need Expert Help we recommend you hire a Ninja! Ninja's are well trained in the art of virus removal and can remove all threats from your computer right now. See this Computer Repair site or check out www.pcninja.com for live help.

Antimalware Defender

February 8, 2010 By Leave a Comment

Description: Antimalware Defender is a fake anti-spyware related to the well-known rogue software, Virus Doctor. It uses scare tactics to try and convince the user to buy a license for the software. It gets downloaded via Trojan viruses that enter the user’s computer and then display authentic-looking Windows alerts asking the user to agree to an update of the Windows malware database. If the user agrees to this, Antimalware Defender gets installed. Once established on the system, this rogue software will proceed to perform fake system scans every so often and return results stating that the computer is under threats from malware. It will also install a browser helper object which will redirect the user’s web browser to websites that promote similar rogue software programs. Furthermore, Antimalware Defender will display fake pop-ups from the Windows taskbar stating that the computer is under threat from various viruses. It will then claim that the currently installed ‘trial’ version of the software is not adequate to remove the detected false ‘threats’ and advise the user to purchase a license for the ‘full’ version of Antimalware Defender. However, as Antimalware Defender is a fake program, none of its versions can scan or clean your computer.

Antimalware Defender

Antimalware Defender

» Download Antimalware Defender Removal Software

As soon as you find a copy of Antimalware Defender on your system, you should take steps to remove it. This involves unregistering its DLL files, removing its files and folders and deleting its registry entries.

File Removal Procedures

The first step needed to remove Antimalware Defender is to unregister the following DLL file: Because the below file name is random you will need to run a virus scan to nail down the exact file name. However it will be close or similar in nature to the below files. ( Learn how to terminate a running process )

  • ca467c83-a655-2231-562f-n56361e56f43c_3.avi (random named AVI file in C:WINDOWSsystem32 )

The next step is to remove the following files and folders:

  • c:Documents and SettingsAll UsersApplication Datarandom named AVI
  • c:Documents and SettingsAll UsersApplication Datarandom named AVI
  •  c:Documents and SettingsAll UsersApplication Datarandom named .mkv
  •  c:Documents and SettingsAll UsersStart MenuProgramsAntimalware Defender
  • c:Documents and SettingsAll UsersStart MenuProgramsAntimalware DefenderAntimalware Defender.lnk
  • c:Documents and SettingsAll UsersStart MenuProgramsStartupca84c702-c758-4421-974e-b02662e76d7c_6.lnk c:Program FilesAntimalware Defender
  • c:Program FilesAntimalware DefenderAntimalware Defender.dll
  • c:WINDOWSsystem32random named AVI
  • c:WINDOWSsystem32random named .ico
  • %UserProfile%Local SettingsApplication Datarandom named AVI
  • %UserProfile%Application Datarandom named AVI
  •  %UserProfile%Application Datarandom named AVI
  • %UserProfile%Application Datarandom named AVI
  • %UserProfile%Application Datarandom named .mkv
  • %UserProfile%Application DataMicrosoftInternet ExplorerQuick LaunchAntimalware Defender.lnk
  • %UserProfile%DesktopAntimalware Defender.lnk
  • %UserProfile%Local SettingsApplication Datarandom named AVI
  • %UserProfile%Local SettingsApplication Datarandom named ico
  • %UserProfile%Local SettingsApplication Datarandom named .mkv
  • %UserProfile%Start MenuProgramsAntimalware Defender
  • %UserProfile%Start MenuProgramsAntimalware DefenderAntimalware Defender.lnk
  • %UserProfile%Start MenuProgramsStartuprandom named .lnk

Once these steps have been completed, your hard disk no longer contains any instances of Antimalware Defender. However, in order to ensure the fact that no further malicious files are left behind on the system it is recommended to scan the entire computer using Spyware Doctor with Antivirus.

Claim Your Free Scan of Spyware Doctor with Antivirus

Registry Removal Procedures

After file removal has been completed, the following keys and settings should be removed from the Windows Registry in order to ensure that you completely remove Antimalware Defender: (How to Edit Registry Here)

  • HKEY_CLASSES_ROOTCLSID{random named}
  • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{random named}
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "random named"

Once these steps have all been completed, your computer is safe from Antimalware Defender.

Conclusion

Inexperienced users are advised against attempting to remove Antimalware Defender manually as any wrong move on your part could cause damage to your system. Rogue programs such as Antimalware Defender are built to repair themselves, so nothing short of complete removal will get rid of this fake anti-spyware. The best route for inexperienced users to take is to use a web-based repair service such as www.pcninja.com.

Other Software clients that Removevirus.org likes to use

  • Spyware Doctor with Antivirus
  • Norton
  • Trend Micro
  • Kaspersky
  • AVG
  • MalwareBytes

As always please post updates to the file traces. If yours are different then other users will find it helpful.

VN:F [1.9.10_1130]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.10_1130]
Rating: 0 (from 0 votes)
Filed Under: Virus Removal Tagged With: , , , , , ,
RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.