Security Defender

Security Defender Description

Security Defender Image 1Security Defender is a rogue anti-virus application and a scam. What's particularly nasty about this one is that it impersonates Microsoft's Windows Defender, which is legitimate anti-virus software.

Security Defender's Scare Tactics

Leaving the infection process aside for the moment, because it can vary, there is a standard set of symptoms that you will see on a computer infected with Security Defender. First of all, it will alter the registry so that it runs every time Windows starts. Security Defender will pop-up with its bogus user interface, which is a complete ripoff of Windows Defender and uses the Windows Defender logo (which looks like a rampart, or a part of a castle wall), as well as the Windows logo, and Windows styling with fonts and icons. All of this is without permission, of course, because the people who created Security Defender are criminals. This screen will always show that threats have been detected on the system, along with a reminder to “activate” your copy of the Security Defender software. If you look at the list of threats which Security Defender claims to have detected, they are either harmless ordinary files or made-up names; but Security Defender will tell you that you have to activate it in order to be able to remove them.

Also, completely typical for a rogue anti-virus application, Security Defender will cause frequent pop-up alerts, which warn you of impending danger to your computer, which can only be averted by paying for your copy of Security Defender and somehow giving it its full functionality. The common error messages you'll see with an infection of Security Defender will warn that there is a firewall alert and that the registry has been altered, or that some kind of unidentified malware has been found on the computer. Sometimes, Security Defender will claim that Internet Explorer is infected with a Trojan, which doesn't even make sense. Of course, as always, these alerts will prompt you to pay for Security Defender in order to secure your PC. If you follow the prompts that Security Defender gives you, you will be led to a website where you can pay money for the malware, but absolutely nothing will change. Security Defender can't gain functionality that doesn't exist.

There have been reports of Security Defender preventing some programs from running. In particular, Security Defender may disable legitimate anti-virus applications. It is also possible that Security Defender may cause your web browser to redirect you to hazardous websites when you try to surf the web. There are claims that the security code D13F-3B7D-B3C5-BD84 can be entered into Security Defender, which will cause it to leave you alone for a while; but please note that this is not going to solve the problem; it can only temporarily disable Security Defender so that you can remove the malware.

How Security Defender Spreads on the Web and a PC

Security Defender seems to spread in two different ways. It is promoted by malicious websites that claim to offer free virus scans, and which actually cause Security Defender to download to your computer. Security Defender may also spread by way of a Trojan, which infects your system without your knowledge, and which typically is hidden in a downloaded file. This Trojan is reputedly capable of creating alerts which look as if they are reminders for software updates –- and if you follow the prompts in its alerts in order to download these "updates," you download Security Defender.

Security Defender's Additional Particularities

The scam that Security Defender is a part of is not anything new. It's just a new, renamed version of Antimalware Defender, and, like its predecessor, it comes from Russia. The difference is, Security Defender is a name that showed up after about the first week of February 2011.

Aliases: BackDoor.Lat [DrWeb], High Risk Fraudulent Security Program [Prevx], TR/Workir.agk [AntiVir], Trojan.Agent/Gen-CDesc[Wrk] [SUPERAntiSpyware], Trojan.Agent/Gen-NumTemp [SUPERAntiSpyware], Trojan.Win32.Scar.g.1 (v) [Sunbelt], Trojan.Win32.Workir [Ikarus], Trojan.Win32.Workir!IK [Emsisoft] and W32/Workir.E [Norman].

Do You Suspect Your PC May Be Infected with Security Defender & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Security Defender as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Screenshots & Other Imagery

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how Security Defender infects a computer.

How Security Defender Infects Your Computer

Security Defender Image 1 Security Defender Image 2 Security Defender Image 3 Security Defender Image 4 Security Defender Image 5

File System Details

Security Defender creates the following file(s):
# File Name Size MD5 Detection Count
1 %APPDATA%03e5c2ca-9a05-418d-b277-d7db924dcb95_46.avi 43,741 50451521c2528c39278d3a85250c1200 188
2 %ALLUSERSPROFILE%13cbb1a7-243b-4c2d-a4f0-957e7ace64dd_34.avi 1,830,400 601ddf36f1f78f6835c5179101d0b778 152
3 %ALLUSERSPROFILE%b31a8294-09b7-4487-974a-deb2578a502e_34.avi 1,784,832 558cdbe9ac8039dfbc29ec2181b99e2d 112
4 %APPDATA%2283880F-EF87-4aac-8EBD-C9BCC8494AF5_47.avi 80,610 370aa0648b6deff8a7a499843d6f0307 71
5 %ProgramFiles%\Security Defender\Security Defender.dll 1,090,048 1c75d2463adfdd2d1a462a096dec92fe 0
6 %ALLUSERSPROFILE%\Application Data\d09cfb1c-9bb8-4ad1-a467-d105a674c81a_.mkv 868 92c4bc9e861f77ac4d5975a6dbb332aa 0
7 %ALLUSERSPROFILE%\Application Data\pcdfdata\[RANDOM CHARACTERS].exe N/A
11 %ProgramFiles%\Security Defender N/A
12 %UserProfile%\Local Settings\Application Data\App\[RANDOM CHARACTERS].dll N/A
More files

More Details on Security Defender

The following messages associated with Security Defender were found:
Security Defender Firewall Alert
Iexplore.exe is infected with Private data can be stolen by third parties, including credit card details and passwords.
Windows recommends activate Security Defender
System Security Alert!
Unknown program is scanning your system registry right now! Identify the theft detected!
System Security Alert!
Vulnerabilities found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.

Related Posts

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their PC with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

One Comment

  • christine auman:

    says a problem has occurred in bitdefender threat scanner and I don't know where to go to get it off my screen which is really annoying can you help me with that thank you

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.