Security Defense
Posted: September 15, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 7 |
| First Seen: | September 15, 2011 |
|---|---|
| Last Seen: | July 21, 2021 |
| OS(es) Affected: | Windows |
Security Defense is a clone of other rogue security programs from a small but growing family of scamware named . This subgroup of rogue security products uses several different types of false positives to trick you into spending money on a Security Defense activation scam, when the only infection on your PC is actually Security Defense itself. SpywareRemove.com malware experts have also noted software-blocking behavior from Security Defense and Security Defense's relatives, which have been advertised on social networking sites via fraudulent advertisement. Since an imperfect removal of Security Defense will allow Security Defense to reinstall itself, it's suggested that you use an anti-malware application that you trust, to delete all Security Defense components.
Security Defense – a Misleading Name in Every Possible Way
Security Defense has been found to market itself in Facebook advertisements, particularly with the usage of fake system scans. You shouldn't trust these simulated scans, since they will always appear to find infections and always recommend that you install Security Defense or one of Security Defense's relatives. This behavior is a forewarning to Security Defense's own attacks, since SpywareRemove.com malware experts have found many fake error messages in common with Security Defense's presence on a PC.
In addition to filling Security Defense's scanner results with fake infection detections, Security Defense will create inaccurate warnings at random intervals, such as these examples:
Security Warning
Malicious program has been detected. Click here to protect your computer.
Attention! We strongly recommend that you activate [Rogue security program] for the safety and faster running of your PC.
[Rogue security program] has found [random number] useless and UNWANTED files on your computer!
These errors will include a variety of infections and supposedly critical-level threats to your PC, but SpywareRemove.com malware researchers haven't found any indication that Security Defense is capable of detecting or removing real Trojans, viruses or other infections from your computer.
How to Exchange Your Fake Security Defense for Real Security
A typical Security Defense infection will also attempt to block various programs from running, including baseline Windows tools (Task Manager, Notepad, etc) and security products such as anti-virus scanners. SpywareRemove.com malware research team has found that the following fake alert often appears after you try to access a program that Security Defense has blocked:
taskmgr.exe can not start
File taskmgr.exe is infected by W32/Blaster.worm. Please activate Security Protection to protect your computer.
However, using Safe Mode will allow you to access all of the programs that Security Defense is trying to stop you from using. Wiping Security Defense off of your hard drive at that point, only requires a good anti-malware program that can detect Security Defense and affiliated infections, including dropper Trojans and rootkits.
You should also be on guard against similar rogue security programs that may be installed in the same way as Security Defense, such as Security Defense's close relatives,
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%Documents and Settings%\[UserName]\Local Settings\Application Data\defender.exe
File name: %Documents and Settings%\[UserName]\Local Settings\Application Data\defender.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
Registry Modifications
HKEY..\..\..\..{Subkeys}HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Security Defense
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.