Home » News » Rogue Antispyware » Remove Advanced Defender, Advanced Defender Removal Instructions

Remove Advanced Defender, Advanced Defender Removal Instructions

By Jason on February 9, 2010 | Rogue Antispyware Remove Advanced Defender, Advanced Defender Removal Instructions

Advanced Defender is an application that you should not trust with your system protection. Not only it is not a real security tool, it is also a malicious program seeking to infect your system with even more parasites. Advanced Defender is distributed online at a number of counterfeit websites which either trick the user into downloading Advanced Defender or use trojans to do it without the user's notice.

As Advanced Defender enters your system it launches every time you start your computer using way too much of your system resources and reducing its performance. Advanced Defender also loads a bunch of fabricated security scans plus pop-up alerts warning you about various infections being found. All this is fake, Advanced Defender tries to make the user believe that their system is actually infected with viruses and security threats so that they would purchase the Advanced Defender software which promises to take care of their security issues. Advanced Defender may also be the cause of various computer problems, so it is better to just remove it as soon as you detect it.

New processes created

winscent.exe
spoos.exe
regp.exe
explorers.exe
certofsystem.exe
advanceddefender.exe Learn how to remove malicious processes

New Advanced Defender registry entries created

HKEY_LOCAL_MACHINE\SOFTWARE\Advanced Defender
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced Defender
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "advanceddefender" Download RegistryBooster 2010 to scan your registry errors
Learn how to remove malicious registry entries

New files and directories created

%AllUsersProfile%\Microsoft PData\track.wid
%DesktopDir%\Advanced Defender.lnk
%Programs%\Advanced Defender\Advanced Defender.lnk
%ProgramFiles%\Advanced Defender\advanceddefender.exe
%ProgramFiles%\Advanced Defender\base.wdb
%ProgramFiles%\Advanced Defender\baseadd.wdb
%ProgramFiles%\Advanced Defender\conf.wcf
%ProgramFiles%\Advanced Defender\quarant.wdb
%System%\winscent.exe
%ProgramFiles%\Advanced Defender\queue.wdb
%Windir%\certofsystem.exe
%Windir%\explorers.exe
%Windir%\microsoftdefend.dll
%Windir%\regp.exe
%Windir%\secureit.com
%Windir%\spoos.exe
%Windir%\Temp\scs1.tmp
%Windir%\Temp\scs2.tmp
%Windir%\Temp\scs3.tmp
%Windir%\Temp\scs4.tmp
%Windir%\Temp\scs5.tmp
%Windir%\Temp\scs6.tmp
%Windir%\Temp\scs7.tmp
%Windir%\tempfile2.bat Learn how to unregister malicious DLL files

Symptoms in a Hijackthis log

O4 - HKLM\..\Run: [advanceddefender] C:\Program Files\Advanced Defender\advanceddefender.exe

How to remove Advanced Defender

To remove Advanced Defender manually you must block rogue Advanced Defender related websites, remove malicious processes and registry entries, unregister dlls and delete all malicious Advanced Defender files from your computer.
Please note: cleaning your computer is a difficult and dangerous task, manually editing registry entries and removing processes and files may cause serious damage to your system. We strongly recommend scanning your computer with one of the legitimate antispyware scanners.

Scan your computer

More Rogue Antispyware news

Delete Windows Safety Maintenance fraud

Delete Windows Safety Maintenance fraud

Windows Safety Maintenance is a rogue anti-spyware program which spreads via trojan. Once the trojan is released Windows Safety Maintenance stars fake scans and shows fraudulent results. It puts many efforts in trying to trick user into believing their PC is infected. Read more.


News categories

Latest news