What is Ultimate Defender?
Ultimate Defender - useless fake anti-spyware application which is ascribable to spyware. Ultimate Defender generates undue or even non-existent computer security warnings, which can be removed only if the licensed program version is purchased. The alerts are shown every time "Windows" are started in the taskbar area. The main intention of Ultimate Defender is to mislead user and persuade him to pay for assumed infections removal.
Ultimate Defender removal tool:
- Spyware Doctor (see here for the installation guide)
Screenshot:
Ultimate Defender Entries:
The following dll files are created: ddesupport.dll, msdde.dll, msole.dll
The following files are created:
avp.exe, mgrs.exe, UltimateDefender.exe
Hijackthis Entries:
O2 Entries:
O2 - BHO: MSVPS System - {100B21CD-3B97-44FB-B1C0-EA6249E482E8} - C:\WINDOWS\ddesupport.dll
O4 Entries:
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [Ultimate Defender] "C:\Program Files\Ultimate Defender\UltimateDefender.exe" hide
O21 Entries:
O21 - SSODL: msdde - {7725C992-B6C9-42AC-ACF9-A00D6AA45166} - C:\WINDOWS\msdde.dll
O21 - SSODL: msole - {80047F31-5F13-47A4-ACFB-CC64BCCDDE75} - C:\WINDOWS\msole.dll
O2 - BHO: MSVPS System - {100B21CD-3B97-44FB-B1C0-EA6249E482E8} - C:\WINDOWS\ddesupport.dll
O4 Entries:
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [Ultimate Defender] "C:\Program Files\Ultimate Defender\UltimateDefender.exe" hide
O21 Entries:
O21 - SSODL: msdde - {7725C992-B6C9-42AC-ACF9-A00D6AA45166} - C:\WINDOWS\msdde.dll
O21 - SSODL: msole - {80047F31-5F13-47A4-ACFB-CC64BCCDDE75} - C:\WINDOWS\msole.dll