What is System Defender?
System Defender is a misleading anti-spyware application that reports false or exaggerated system security threats, displays fake security alerts and uses browser/desktop hijacking techniques to make you think your computer is infected with a whole variety of malicious software. Once installed, the rogue program will prompt you to pay for a full version of the program in order to remove the threats which actually don't even exist. System Defender is just another scam, so be careful about it. Most importantly, do not purchase this program. Then, uninstall System Defender from your PC as soon as possible. Removal delay will only worsen the situation.
System Defender is a new version of the rogue application called Windows System Defender. This program uses Windows OS style and Microsoft's graphics, visual elements to make it look more reliable or to make people think that this is actually a part of Windows operating system. That's obviously not truth.
How can System Defender infect my computer?
System Defender is usually promoted through the use of fake online scanners, misleading advertisements or websites. The scammers also use social engineering techniques to distribute the rogue application. Systemmdefender.com [Figure 2] is the home page of this malware. It is a clone of windowssystemdefemder.com. Both website are potentially harmful so do not visit them.
When running, the program will creates certain registry entry so that it executes whenever Windows starts. Then System Defender will create several harmless files on your computer which later will be detected as serious security threats or infections. Those files are used very often by other rogue applications: ANTIGEN.dll, ANTIGEN.sys, ANTIGEN.tmp, cid.dll, CLSV.dll, ddv.tmp, PE.dll, PE.drv, PE.sys, ppal.exe, runddlkey.drv, std.sys, tempdoc.dll, tjd.exe, tjd.sys.
Next, SystemDefender will imitate system scans and report numerous infections that can't be removed unless you first purchase the program. Please note that the program uses real names of existing infections. The scammers steal those names from reputable anti-virus/security websites. Some of the reported infections you may see:
Last but not least, System Defender will display fake security alerts stating that your computer is infected or under attack. It will impersonate Windows Security Center too. The fake one is called Windows Advanced Security Center. No doubt, this misleading application must be removed as soon as possible. Please use the removal guide below to remove System Defender from the infected computer manually for free. If you have already purchased the rogue program, you should contact your credit card company and dispute the charges. Finally, scan your PC with a legitimate anti-spyware application like STOPzilla and remove the remains of this program or additionally downloaded malware.
UPDATE! There is a new version of System Defender, which was released in the end of October, 2014, spreading around. It is used for promoting Spyware Defender, Antivirus Defender 2015 and other dangerous programs. Its alerts are designed to make people think that their PCs are dangerously infected with a whole bunch of cyber threats. After convincing its victims that their machines are infected, System Defender offers them to purchase a licensed version of Spyware Defender, Antivirus WIN 2014 Ultimate, Antivirus MAC 2014 or Antivirus Defender 2015. Please, do NOT purchase these programs because they won't fix your computer in any way! Even more, these programs may be used for causing redirects to unsafe websites, recording your browsing habits and stealing your personal information in this way.
HOW TO REMOVE SYSTEM DEFENDER VIRUS?
If you are experiencing fake System Defender alerts, act now and remove these rogues. For this, we strongly recommend relying on AUTOMATIC REMOVAL OPTION and avoiding manual removal. When relying on this option, you should just download a reputable anti-spyware, update it and run a full system scan. If you need a detailed guide explaining how to do that, read this guide.
When trying to remove System Defender, our recommended programs are Reimage and Malwarebytes MalwarebytesCombo Cleaner because they can easily detect every hidden component that belongs to this and other cyber threats.
ATTENTION! As we have already mentioned previously, System Defender may try to block installation and activity of legitimate security programs, including SpyHunter and StopZilla. If you can't download or launch any them, try these options:
1. USING SYSTEM RESTORE TO DISABLE VIRUS:
- Go to the Windows 8 Start Screen and type restore point in the Search section.
- Now click on Settings -> Create a restore point.
- When in System Protection tab, select System Restore.
- Click Next button to see your restore points and left click on the entry you need.
- Now select Scan for affected programs -> Close -> Next -> Finish.
- Once your PC reboots, download Reimage and run a full system scan after updating it.
2. REBOOTING TO SAFE MODE WITH NETWORKING:
- Click on Windows key and go to the bottom-right corner.
- Select Settings -> Change PC Settings -> General.
- Click theRestart Now buttonunder Advanced Startup.
- Now selectTroubleshoot -> Advanced Options -> Startup Settings.
- Now choose Restart and press F5.
- Launch IE or other browser and enter this link to your address bar: https://www.2-spyware.com/download/hunter.exe
- Download a program on your desktop and launch it to remove malicious files.
3. USING ANOTHER PC FOR DOWNLOADING ANTI-SPYWARE:
- Take another computer that is not infected by this virus and download Reimage or Malwarebytes MalwarebytesCombo Cleaner on it.
- After completing the procedure, transfer this anti-malware to the CD/DVD, external drive, or USB flash drive.
- In the meanwhile, kill malicious processes on your infected computer. For that you can use this tutorial.
- Stick the device you used for transferring anti-spyware program to your infected PC and launch it.