With the many threats facing healthy PCs today, it has become nearly impossible to protect your PC against harmful threats such as Advanced Defender without some help. Advanced Defender is even more insidious than easily identifiable threats because it tries to come across as a legitimate application. The truth is that Advanced Defender derives from the same family as the hotly despised Personal Protector rogue application, and is equally harmful and dangerous.
This rogue enters the system without the user’s permission or consent, and roots itself covertly and securely before starting its attack. Only once Advanced Defender is ready will it initiate its attack against the system, which is heralded by a fake security scan. This bogus security scan is not authentic, and it will inform the user that his system is under attack. Users should never believe any message received from Advanced Defender.
Following the fake scan, various annoying popup messages will crop up around the system. These fake alerts will also inform the PC owner that his system is being attacked, and that he should purchase Advanced Defender in order to secure the system. One of the most notorious fake alerts reads as follows:
Attention! System detected a potential hazard on your computer that may infect executable files. Your private information and PC safety is at risk.
To get rid of unwanted spyware and keep your computer safe you need to update your Current security software
Click Yes to download official intrusion detection system (IDS software)
Other symptoms associated with the Advanced Defender infection include the rogue preventing the user from running any type of application on the infected system. This is done in an effort to protect itself, and to bar the user from running any application which may be able to detect and remove Advanced Defender from the system. Each time the user attempts to execute an application, he will be presented with the following fake alert barring him from doing so:
Cmd.exe is infected with worm Lsas.Blaster.Keyloger. This worm is trying to send your credit card details using to connect to remote host.
It has also been reported that Advanced Defender blocks the user’s access to the Internet, for the same reason. Other symptoms associated with the Advanced Defender infection include poor system performance and increasingly erratic system behavior.
Restore your PC’s security and erase Advanced Defender from the system. Do this securely and permanently by investing in a powerful security application which will offer adequate protection against similar threats in future.