Advanced Defender Removal
Having Trouble removing this virus? Try Spyware Doctor With Antivirus from PCTools. » Download
For around 89 bucks www.OnlineComputerRepair.org can remove this threat for you right now.
February 22, 2010 by virus removal man
Filed under virus
A clone of the well-known fake anti-spyware programs Personal Guard 2009 and Personal Detector, Advanced Defender uses scare tactics to try and lure the user in to paying for a license to the software. Advanced Defender reaches the user’s system via Trojans and other malicious software. Once established on the system, it starts performing endless fake virus scans, returning results that try to convince the user that their system is hopelessly infected. Advanced Defender also effectively blocks any antivirus software that the user may have installed. It also blocks some other useful executables. Advanced Defender repeatedly requests the user to purchase a license to the ‘full’ version of the software, claiming that the currently installed ‘trial’ version cannot clean the detected ‘threats’ properly. However, Advanced Defender is a fake program and cannot scan or clean your computer in any way.
As soon as you find a copy of this rogue software on your computer, you should take steps to remove it. The tasks dealing with how to remove Advanced Defender are listed below.
File Removal Procedures
The first step in Advanced Defender removal is to stop the following processes:
- advanceddefender.exe
- certofsystem.exe
- explorers.exe
- regp.exe
- spoos.exe
- winscent.exe
The next step in Advanced Defender file removal is to unregister the following DLL file:
- microsoftdefend.dll
Finally, delete Advanced Defender by removing the following files and folders:
- c:\Program Files\Advanced Defender
- c:\Program Files\Advanced Defender\advanceddefender.exe
- c:\Program Files\Advanced Defender\base.wdb
- c:\Program Files\Advanced Defender\baseadd.wdb
- c:\Program Files\Advanced Defender\conf.wcf
- c:\Program Files\Advanced Defender\quarant.wdb
- c:\Program Files\Advanced Defender\q
- c:\WINDOWS\certofsystem.exe
- c:\WINDOWS\explorers.exe
- c:\WINDOWS\microsoftdefend.dll
- c:\WINDOWS\regp.exe
- c:\WINDOWS\secureit.com
- c:\WINDOWS\spoos.exe
- c:\WINDOWS\system32\winscent.exe
- c:\Documents and Settings\All Users\Microsoft PData
- c:\Documents and Settings\All Users\Microsoft PData\track.wid
- %UserProfile%\Desktop\Advanced Defender.lnk
- %UserProfile%\Start Menu\Programs\Advanced Defender
- %UserProfile%\Start Menu\Programs\Advanced Defender\Advanced Defender.lnk
Once these steps have been completed, Advanced Defender no longer resides on your file system. However, since in most cases this application is installed by additional malware it is recommended to scan the entire file system using a genuine antivirus such as Spyware Doctor with Antivirus.
Registry Removal Procedures
Although by now you have removed the files and folders related to Advanced Defender, there is another step left in Advanced Defender removal. You must remove the following keys and settings from the registry as well:
- HKEY_LOCAL_MACHINE\SOFTWARE\Advanced Defender
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced Defender
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = “1″
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “advanceddefender”
Once the registry has been cleaned, your computer is safe from Advanced Defender.
Conclusion
Manual Advanced Defender removal is not recommended for inexperienced users, as any mistake made due to inexperience could damage the integrity of the system. Inexperienced users are advised to use an online repair service such as www.onlinecomputerrepair.org for proper Advanced Defender removal.
