Fake Anti Spyware.Malware Defense - Spyware Detector

Home / Spyware Encyclopedia / Fake Anti Spyware.Malware Defense

Fake Anti Spyware.Malware Defense Technical Details

Category	Fake Anti Spyware
Discovered	12/22/2009 10:17:54 AM
Modified	12/29/2009 1:25:09 PM
Threat Level	High

Category Description

These are programs which look like any legitimate program but usually download without users permission, entice users into buying them by showing fake results to improve users PC performance. They may also download spyware and other unwanted programs.

Description

Malware Defense is Rogue Security Program. Malware Defense usually installed itself onto your PC without your permission, through Vundo Trojan, Virus or fake software. It uses aggressive and deceptive techniques to frighten the user into purchasing the program. It gives exaggerated report and claims of spyware found or false positives but will not remove spyware unless the user purchases the program.

Notice

Summary

The following http urls were started: NA

The hosts file was updated with the following url-to-ip mappings:

127.0.0.1	localhost
127.0.0.1	download.windowsupdate.com
127.0.0.1	http://update.microsoft.com

The following internet connection was established:

91.212.132.8 : 80

95.169.190.223 : 80

78.129.166.143 : 80

Process		malware defense.exe mdefense.exe
Drivers		N/A
Folder Created		%DAS.AU.SM.P%\Malware Defense %PF%\Malware Defense

The following Files were created:

Name	Version	Publisher	Signature (MD5)	File Size (in KB)
..\malware defense\mdefense.exe			3fcd3d6352dc4312ae3ca40b2fcc47f0	1756088
..\installermd.exe			ce3d0f5354a7588ae9aafc946816f095	95744
..\malware defense\mdext.dll				37888

The following Registry Entries were created:

•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"malware defense"\""%pf%\malware defense\mdefense.exe" -noscan"
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\malware defense
•	..\Software\malware defense
•	..\Software\Classes\Clsid\{5e2121ee-0300-11d4-8d3b-444553540000}\inprocserver32\"%pf%\malware defense\mdext.dll"

The following images were captured:

Recommendation to remove Fake Anti Spyware.Malware Defense

Spyware Detector can remove Fake Anti Spyware.Malware Defense, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.

Download Spyware Detector and Scan for FREE

Search Threats