System Defender (Virus Removal Instructions) - updated Jan 2020

What is System Defender?

System Defender is a rogue anti-malware that tries to imitate Microsoft's Windows Defender

System Defender is a fake anti-malware software that engages in malicious background activities

System Defender is a malicious program that specializes in showing users fake notifications about virus infections on their systems. The app represents itself as a tool that can protect from online risks, while in reality is malware^[1] itself, the goal of which is to scare users with false-positives and make them pay for the licensed version. In other words, System Defender is a scam that performs malicious activities behind users' backs, so it should never be trusted.

Those who decide to pay for a full System Defender license might not only damage their computers due to inadequate changes to it but also expose their credit card information to unknown parties, potentially – cybercriminals. As a result, victims might suffer from money loss or even identity fraud/theft. For that reason, System Defender removal should not be delayed, and no payments are made for scammers.

System Defender is a generic application that showed up at the time when the internet was not a safe place at all – users could stumble upon malicious links or JavaScript^[2] on various pages accessed via legitimate search results. For that reason, many wanted to protect themselves from online dangers, and cybercrooks were quick to utilize that fact.

Creating malicious programs that act as malware and presenting them as security software is one of the tactics that threat actors use. In most cases, the installation of System Defender virus is unintentional (via software bundles or scam sites), although some users might download it on websites that promote it as a legitimate tool.

It is worth noticing that System Defender tries to imitate the legitimate Microsoft tool Windows Defender that was integrated into and shipped with Windows 7 and later versions, although Windows XP users could have also downloaded it from the official sources. This mimicking is not coincidental as, by imitating a legitimate and trusted software, System Defender increased the chances of users trusting the app.

System Defender is a malware program that enters users' machines without permissions and starts showing fake virus alerts in order to make users buy a full version of the app

Once installed, System Defender performs a full system scan immediately, although its functionality is utterly bogus – the scan is fake, and so are the results. Users are immediately shown an extensive list of “infections” under names like:

• Win32/Nuqel.E
• Trojan-SMS.J2ME.RedBrowser.a
• Virus.Win32.Faker.a
• Trojan-Spy.Win32.WMPatch
• Trojan-Spy.HTML.Citifraud
• Azero.B
• Trojan-Spy.HTML.Sunfraud.a
• Packed.Win32.PolyCrypt
• Trojan-PSW.Win32.Antigen.a
• BAT.Looper
• Trojan-PSW.Win32.Delf.d, etc.

Additionally, System Defender notifications are riddled with grammar or spelling mistakes:

System scan is complete. Windows has detected 75 critical system objects. This threats may compromise your privacy or damage your computer. Possible consequences of it include:

• Bank details and credit card information can be stolen by trojan programs.
• System executes commands from an attacker. PC will be used for criminal activity.
• Spyware program can tracks your activity and all Web page content.
• Browser add-ons will display pop-up advertisements.
• Spam-bot can use your computer to send spam emails worldwide.

Besides showing fake notifications to users, System Defender malware goes even further and prevents users from installing legitimate anti-malware applications, starting up legitimate programs like Mozilla Firefox, and tampering with their web browsing activities. All in all, you should remove System Defender as soon as possible, as it is high threat to your online safety and computer security. For more details, check our removal section below.

Rogue anti-spyware can find many ways into your computer – avoid it

Fake security programs became a huge business for crooks that employ social engineering^[3] in order to make users believe that their computers are infected and need help. While it is true that security software is an essential component for any operating system, rogue anti-spyware is not something that users should rely on.

Not only it shows fake virus alerts, but it also renders the machine vulnerable to real malware attacks. In other cases, poor quality security software can also provide a false sense of security, providing very little protection from online threats.

System Defender shows notifications that are fake and also interferes with regular computer functions, like shutting down browsers or installing new apps

Thus, it is important to select a reputable anti-malware for your computer and avoid fake security tools completely. To do that, you should be aware of how these malicious programs are propagated:

• Scam websites. Users might stumble upon a scam page at any time, for example, after being redirected from an insecure website. Additionally, those infected with adware ten to see online scams more often than those who are not. In most cases, users are presented with a fake scanner that “detects” malware on a computer and urges them to download software to allegedly eliminate it.
• Software bundles. This is possibly one of the most common methods for unwanted program propagation, as users often skip steps during the installation process. Thus, they should never rush the installation of freeware, pick official sources for downloads, remove ticks from pre-selected boxes, and always opt for Advanced/Custom settings instead of Recommended/Quick ones.
• Malicious websites. Sites that host software cracks and torrents are often infested with malware. Therefore, never download malicious tools like cracks/keygens/loaders and protect your browser with an ad-blocking extension to avoid automatic malware installation.

System Defender virus removal guide

If you are experiencing fake alerts, act now and remove System Defender. For this, we strongly recommend relying on the automatic removal option and avoiding manual removal. When relying on this option, you should just download a reputable anti-spyware, update it, and run a full system scan. If you need a detailed guide explaining how to do that, read this guide.

When trying to remove System Defender, our recommended programs are SpyHunter 5Combo Cleaner and Malwarebytes because they can easily detect every hidden component that belongs to this and other cyber threats. If you experience any system crashes and errors post-termination, scan your machine with FortectIntego.

ATTENTION! As we have already mentioned previously, System Defender may try to block the installation and activity of legitimate security programs. If you can't download or launch any them, try these options:

1. USING SYSTEM RESTORE TO DISABLE VIRUS:

1. Go to the Windows 8 Start Screen and type restore point in the Search section.
2. Now click on Settings -> Create a restore point.
3. When in System Protection tab, select System Restore.
4. Click Next button to see your restore points and left click on the entry you need.
5. Now select Scan for affected programs -> Close -> Next -> Finish.
6. Once your PC reboots, download FortectIntego and run a full system scan after updating it.

2. REBOOTING TO SAFE MODE WITH NETWORKING:

1. Click on Windows key and go to the bottom-right corner.
2. Select Settings -> Change PC Settings -> General.
3. Click the Restart Now button under Advanced Startup.
4. Now select Troubleshoot -> Advanced Options -> Startup Settings.
5. Now choose Restart and press F5.
   
6. Scan your PC with anti-malware for a full System Defender removal.

3. USING ANOTHER PC FOR DOWNLOADING ANTI-SPYWARE:

1. Take another computer that is not infected by this virus and download FortectIntego or SpyHunter 5Combo Cleaner on it.
2. After completing the procedure, transfer this anti-malware to the CD/DVD, external drive, or USB flash drive.
3. In the meanwhile, kill malicious processes on your infected computer. For that you can use this tutorial.
4. Stick the device you used for transferring anti-spyware program to your infected PC and launch it.