Secure Defense
Secure Defense or SecureDefense is a rogue anti-spyware application that typically spreads via malicious Trojans. On infiltrating a system, Secure Defense will display fake system scan reports, security alerts and pop-up warnings all claiming that the system is infected with harmful malware. The victim will be informed that the only way to remove the detected threats is to purchases the "full version" of Secure Defense. Purchasing the "full version" of Secure Defense would be a waste of money because it is a non-existent application.
File System Details
Secure Defense may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | c:\WINDOWS\system32\[random].exe | |
| 2. |
C:\Documents and Settings\ |
|
| 3. | c:\WINDOWS\[random].bin | |
| 4. | c:\WINDOWS\system32\[random].bin | |
| 5. |
C:\Documents and Settings\ |
|
| 6. | c:\WINDOWS\system32\[random].cpl | |
| 7. |
C:\Documents and Settings\ |
|
| 8. | c:\WINDOWS\[random].cpl |
Registry Details
Secure Defense may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\SecureDefense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SecureDefense
HKEY_CURRENT_USER\Software\SecureDefense
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random].exe"
