Advanced Defender Removal Guide

Threat Level:
Rate this Article:
Comments (0)
Article Views: 4653
Category: Fake Antispyware

With all the many threats facing healthy PCs out there today, it has become nigh to impossible to protect your PC against harmful threats such as Advanced Defender without some help. This is because Advanced Defender is even more seditious than easily identifiable threats, because it tries to come across as a legitimate application. The truth is that Advanced Defender derives from the same family of the hotly despised Personal Protector rogue application, and is equally as harmful and dangerous.

This rogue enters the system without the user’s permission or consent, and roots itself subversively and securely before starting its attack. Only once Advanced Defender is ready it will initiate its attack against the system which will be heralded with a fake security scan. This bogus security scan is not authentic, and it will inform the user that his system is under attack. When all is said and done users should never believe any correspondence received from Advanced Defender.

Following the fake scan various annoying popup messages will crop up around the system. These fake alerts will also inform the PC owner that his system is being attacked, and that he should purchase Advanced Defender in order to secure the system. One of the most notorious fake alerts read as follows:

Attention! System detected a potential hazard on your computer that may infect executable files. Your private information and PC safety is at risk.
To get rid of unwanted spyware and keep your computer safe you need to update your Current security software
Click Yes to download official intrusion detection system (IDS software)

Other symptoms associate with the Advanced Defender infection includes the rogue preventing the user from running any type of application on the infected system. This is done in an effort to protect itself, and to bar the user from running any application which may be able to detect and remove Advanced Defender from the system. Each time the user attempts to execute an application, he will be presented with the following fake alert barring him from doing so:

Cmd.exe is infected with worm Lsas.Blaster.Keyloger. This worm is trying to send your credit card details using to connect to remote host.

It has also been reported that Advanced Defender blocks the user’s access to the Internet, for the same reason. Other symptoms associated with the Advanced Defender infection includes poor system performance and increased erratic system behavior.

Restore your PC’s security and erase Advanced Defender from the system. Do this securely and permanently by investing in a powerful security application which will offer adequate protection against similar threats in future.

Download Remover for Advanced Defender *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.

Advanced Defender Screenshots:

Advanced Defender
Advanced Defender
Advanced Defender

Advanced Defender technical info for manual removal:

Files Modified/Created on the system:

# File Name File Size (Bytes) File Hash
1explorers.exe33149 bytesMD5: c9a582438d3851a6572cfa75a567e7c8
2microsoftdefend.dll18941 bytesMD5: a8d2dde23081e085216413450ce9ecea
3AXPDefender.exe1523712 bytesMD5: ff1fdbe80c51343abd566c4743e5ed0d
4advanceddefender.exe1232896 bytesMD5: 68dad6c35a9421cd73db5b45e011cf8a
5AXPDefenderSkin.dll6479872 bytesMD5: 185c99a05e145b80f2305e46a4a47ac7
6certofsystem.exe47872 bytesMD5: 8738bab505367e09789e91a02337986b
7regp.exe38352 bytesMD5: 405e6e5c06c3e0be8be6aaab679521ef
8spoos.exe51197 bytesMD5: ebb8481b89265cb919f382583fd42992
9%ProgramFiles%\Advanced Defender
10install.exe2072634 bytesMD5: 450702427976581c71b2f8fe47a848a4
11%UserProfile%\Start Menu\Programs\Advanced Defender
12Advanced Defender.lnk

Files in the following directories were modified:

  • %ProgramFiles%
  • %UserProfile%\Start Menu\Programs

Memory Processes Created:

# Process Name Process Filename Main module size
1explorers.exeexplorers.exe33149 bytes
2AXPDefender.exeAXPDefender.exe1523712 bytes
3advanceddefender.exeadvanceddefender.exe1232896 bytes
4certofsystem.execertofsystem.exe47872 bytes
5regp.exeregp.exe38352 bytes
6spoos.exespoos.exe51197 bytes
7install.exeinstall.exe2072634 bytes

Registry Modifications:

The following Registry Keys were created:

  • advanceddefender
  • Advanced Defender


Your email address will not be published.


Enter the numbers in the box to the right *