The Emsi Software malware research team has discoverd a new outbreak of the Malware Defense adware. a-squared Anti-Malware detects this malware as Adware.Win32.MalwareDefense.

Malware Defense is a rogue scanner program. Once installed, this application will be immediately perform scan action without prior notice. This fake scanner application tries to trick you by displaying misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you buy this fraud application. Be careful with this program, because it not going to protect your computer but will only spend your money.

Create new files:

• %ProgramFiles%\Malware Defense\md.db
• %ProgramFiles%\Malware Defense\mdefense.exe
• %ProgramFiles%\Malware Defense\mdext.dll
• %ProgramFiles%\Malware Defense\uninstall.exe
• %ProgramFiles%\Malware Defense\help.ico
• %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk
• %UserProfile%\Desktop\Malware Defense ReadMe.txt
• %UserProfile%\Desktop\Malware Defense Support.lnk
• %UserProfile%\Desktop\Malware Defense.lnk
• %UserProfile%\Local Settings\Temp\av.dat
• %UserProfile%\Local Settings\Temp\dv.dat
• %UserProfile%\Local Settings\Temp\4otjesjty.mof
• %UserProfile%\Start Menu\Programs\Malware Defense\Malware Defense Support.lnk
• %UserProfile%\Start Menu\Programs\Malware Defense\Uninstall Malware Defense.lnk
• %UserProfile%\Start Menu\Programs\Malware Defense\Malware Defense.lnk

Create new registry entries:

• HKEY_LOCAL_MACHINE\software\Malware Defense
• HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Uninstall\Malware Defense
• HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, “Malware Defense”

Screenshots:

How to remove the infection of Malware Defense (Adware.Win32.MalwareDefense)?

To delete this malware infection, please download and install a-squared Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

Tags: defense, malware, Rogue

This entry was posted on Monday, December 21st, 2009 at 18:08 and is filed under Malware Alerts, Removal Help. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.