BitDefender 2011

By Domesticus in Rogue Anti-Spyware Program

Please do not confuse the fake security program BitDefender 2011 with any of the real software published by BitDefender. BitDefender 2011 is not a BitDefender product. If that sounds confusing, that's because the crooks behind the BitDefender 2011 scam want it to be. They have a history of naming their phony anti-virus software after real, legitimate products, in order to get unsuspecting PC users to pay the money that the malware demands. Nonetheless, it is possible to tell the real BitDefender products from the bogus BitDefender 2011.

The one characteristic of BitDefender 2011 that gives BitDefender 2011 away as a fake security application, more than anything else, is BitDefender 2011's attempt to lock down your computer and make it unusable. It starts with the fake scanner interface that loads as soon as Windows starts, where BitDefender 2011 runs a fake scan of your computer and then reports that it has found a large number of threats. Then, BitDefender 2011 offers you the opportunity to remove these so-called threats, but if you try to do that, BitDefender 2011 tells you that you must first convert to a "full license." The idea is to get you to believe that you are using a trial version, and that if you just paid for a license, BitDefender 2011 could make your PC safe and clean again. The problem is, BitDefender 2011 can't detect threats, so the list of malware and viruses that BitDefender 2011 displays is fake; in fact, BitDefender 2011 even includes harmless files that Windows may need in order to function properly. Also, even if you were to pay the license fee, BitDefender 2011 would not gain the capability to remove threats from your PC.

The scanner interface will eventually clear, so that you can see the desktop and taskbar. Unfortunately, that means relatively little, because BitDefender 2011 will severely disable your computer. For one thing, BitDefender 2011 will continue to try to get you to believe that your computer is under attack, by generating frequent security alerts. These alerts will warn that your PC is being attacked by a computer at some remote address, or that the system is infected with a virus. Some of the virus information that BitDefender 2011 gives in these alerts is accurate, but most of it is complete nonsense, written specifically to sound frightening. BitDefender 2011's alerts will all prompt you to run a scan, or to upgrade the fake security software. No matter what the alerts say about your computer, it is false; and no matter what option they offer you so that you can increase your system's security, it ultimately leads to a payment website for the BitDefender 2011 scam.

While BitDefender 2011 is present on your PC, BitDefender 2011 will prevent you from running some or all of your other programs, while claiming that those programs can't be run because they are somehow dangerous. BitDefender 2011 specifically disables any software that could remove BitDefender 2011, such as real anti-virus software. BitDefender 2011 will also interfere with Task Manager and your web browser. Task Manager will be given an extra column of infection status information, and you will be told that your only means of accessing the Internet is through an emergency-mode Internet Explorer. The "emergency mode" is complete bunk: it's just an excuse for BitDefender 2011 to control which websites you are able to view, making sure that you visit the BitDefender 2011 site and that you can't view any websites that might give you information on removing the fake security program.

Strictly speaking, BitDefender 2011 is not a virus. BitDefender 2011 relies on a Trojan in order to infect computers, and that Trojan is usually hidden in another file that you download, or it is pushed to your computer by a drive-by download when you visit a malicious website. BitDefender 2011 is commonly supported by malicious websites and pop-up advertisements that claim that your computer is infected and then offer a free anti-virus software download. However, these sites and advertisements don't actually scan your computer, and they report the same results for literally everyone who visits the site or views the ad. They are made to look just real enough to convince you to download the Trojan that BitDefender 2011 uses, which drops the files for BitDefender 2011 and makes some changes to the Registry once it is on your PC. The first time you start Windows after the Trojan has installed BitDefender 2011, the malware will be active.

BitDefender 2011 is not the first of its kind. BitDefender 2011 is not the first fake security program, and BitDefender 2011 is not the first to use the name of a legitimate application in order to gain users' trust. In fact, BitDefender 2011 comes from a line of related malware, which is all developed and spread by the same people, and which makes up a huge Russian-run Internet scam. Other malware that is closely related to BitDefender 2011 includes E-Set Antivirus 2011, AVG Anti-Virus, and Antivir 2010, all of which use names taken from companies that produce legitimate security applications. BitDefender 2011's family also includes the rogue anti-virus programs Antivirus 8, Antivirus 7, and Antivirus GT.

Generally, you can tell the difference between the names of the fake security applications from this scam and the names of the real products they imitate, because something is always a bit off about the fake name. In this case, BitDefender's products always have a word in between "BitDefender" and the year, as in the name of one of BitDefender's actual products, "BitDefender Internet Security 2011." A little bit of attention to details can help you to avoid a malicious security application, and to know which programs to trust.

File System Details

BitDefender 2011 may create the following file(s):
1. C:\WINDOWS\system32\iesafemode.exe
2. c:\Program Files\BitDefender 2011\bitdefender.exe
3. %UserProfile%\Desktop\BitDefender 2011.lnk
4. C:\Documents and Settings\\Start Menu\BitDefender 2011\
5. C:\Documents and Settings\\Start Menu\BitDefender 2011\Uninstall.lnk
6. C:\WINDOWS\Prefetch\MSCONFIG.EXE-1EF1EA0F.pf
7. %Temp%\srvED4.tmp
8. c:\Program Files\BitDefender 2011\
9. C:\Documents and Settings\\Desktop\BitDefender 2011.lnk
10. C:\WINDOWS\Prefetch\BITDEFENDER.EXE-0571D06A.pf
11. %Temp%\srvED4.ini
12. %AllUsersProfile%\Start Menu\BitDefender 2011\Uninstall.lnk
13. C:\Documents and Settings\\Start Menu\BitDefender 2011\BitDefender 2011.lnk
14. C:\WINDOWS\Prefetch\BITDEFENDER.EXE-06B296CB.pf

Registry Details

BitDefender 2011 may create the following registry entry or registry entries:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = '0'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe\Debugger=iesafemode.exe -sb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe\Debugger=iesafemode.exe -sb
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings\ProxyEnable=0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ProxyEnable=0
HKEY_CURRENT_USER\Software\EVA86D\
HKEY_CURRENT_USER\Software\Mon86D\ebggddkhod=AGT
HKEY_CURRENT_USER\Software\Mon86D\ebggddnf=0
HKEY_CURRENT_USER\Software\EVAEC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe\Debugger=iesafemode.exe -sb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe\Debugger=iesafemode.exe -sb
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ProxyEnable=0
HKEY_CURRENT_USER\Control Panel\Desktop\ForegroundLockTimeout=0
HKEY_CURRENT_USER\Software\Mon86D\ebggeddf=EVA
HKEY_CURRENT_USER\Software\Mon86D\ebgglcofkc=ABCEVA
HKEY_CURRENT_USER\Software\Mon86D\ebgglceeac=C:\Program Files\BitDefender 2011\bitdefender.exe
HKEY_CURRENT_USER\Software\MonEC2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "BitDefender 2011" = 'C:\Program Files\BitDefender 2011\bitdefender.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "WinNT-EVI 21.04.2011"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe\Debugger=iesafemode.exe -sb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings\ProxyEnable=0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable=0
HKEY_CURRENT_USER\Software\Mon86D
HKEY_CURRENT_USER\Software\Mon86D\ebggfdlh=BitDefender 2011
HKEY_CURRENT_USER\Software\Mon86D\ebggbc={EA520B3F-F2F1-41E0-AD9F-C818F032C581}
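The Image File Execution Options entries above register a "Debugger" for each browser executable, so Windows starts iesafemode.exe or msiexecs.exe in place of the browser the user launched; that is the mechanism behind the "emergency mode" Internet Explorer described earlier. The following Python is an added example, not code from the original page: it parses a registry listing written in the two notations used above (the sample lines are constructed, not an export from a real machine) and flags IFEO debugger hijacks, Run-key persistence and ProxyEnable changes.

```python
import re

# Constructed sample in the two notations used in the registry listing above
# (quoted `Key "Name" = 'data'` form and `Key\Name=data` form, plus a bare key).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe\Debugger=iesafemode.exe -sb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "BitDefender 2011" = 'C:\Program Files\BitDefender 2011\bitdefender.exe'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable=0
HKEY_CURRENT_USER\Software\Mon86D\ebggfdlh=BitDefender 2011
"""

QUOTED = re.compile(r'^(?P<key>[^"]+?) "(?P<name>[^"]*)" = \'(?P<data>.*)\'$')
IFEO = "\\image file execution options\\"

def parse_entry(line):
    """Return (key, value_name, data); value_name and data are None for a bare key."""
    m = QUOTED.match(line)
    if m:
        return m.group("key"), m.group("name"), m.group("data")
    if "=" in line:
        path, data = line.split("=", 1)
        key, _, name = path.rpartition("\\")
        return key, name, data
    return line, None, None

def classify(line):
    """Label one listing line by the behaviour it indicates."""
    key, name, data = parse_entry(line.strip())
    lname = (name or "").lower()
    if IFEO in key.lower():
        image = key.rsplit("\\", 1)[1]
        if lname == "debugger":
            # Launching `image` now runs `data` instead: the browser hijack
            return ("ifeo_hijack", image, data)
        return ("ifeo_key", image, data)
    if key.lower().endswith("\\currentversion\\run") and name:
        return ("run_persistence", name, data)   # starts with every logon
    if lname == "proxyenable":
        return ("proxy_setting", key, data)
    return ("other", key, data)

def audit(dump):
    return [classify(l) for l in dump.strip().splitlines() if l.strip()]

def hijacked_browsers(dump):
    """Sorted names of executables whose launch is redirected through IFEO."""
    return sorted(image for kind, image, _ in audit(dump) if kind == "ifeo_hijack")

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Remediation on a live system means deleting the Debugger values under each hijacked image's IFEO key and the Run entry, not just killing bitdefender.exe.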

URLs

BitDefender 2011 may call the following URLs:

secure.ordersunsprotection.com
secure.supersoftstore.com
windows-networks.com

Messages

The following messages associated with BitDefender 2011 were found:

About Internet Explorer Emergency Mode
Your PC is infected with malicious software and browse couldn't be launched

You may use Internet Explorer in Emergency mode - internal service browser of Microsoft Windows system with limited usability.

Notice: Some sites refuse connection with Internet Explorer in Emergency Mode. In such case system warning page will be showed to you.

Warning!
Virtumonde is an adware program that tends to monitor your Internet browsing habits and may display targeted advertisements onto your computer screen. Virtumonde may also create a malicious DLL file in order to log your keystrokes and send the recorded information to a third party website. Virtumonde is an unwanted application and recommended to be removed.

Warning! Active Virus Detected!
Threat Detected: Backdoor.Poison.BQA
Infected file: [random file name]
Action taken: Application Blocked
Description: This backdoor arrives as attachment to email messages spammed by another malware or malicious user. This is a backdoor component of the Darkmoon RAT (Remote Administration Tool), via this backdoor hackers attempt to control your PC.

Warning! Identity theft attempt detected!
Attacker IP: [random IP address]
Attack Target: Microsoft Corp. Keys
Description: Remote host tries to get access to your personal information.

Warning! New virus detected!
Threat Detected: Keylogger.iSnake.Pro
Infected File: C:\WINDOWS\system32\asr_ldm.exe
