What is Ultimate Defender?
- Type: Spyware
- Category: Rogue Programs
- Discovered: 6 July 2007
- Removal tools: Malwarebytes' Anti-Malware, Spyware Doctor
1. Introduction
Ultimate Defender - useless fake anti-spyware application which is ascribable to spyware. Ultimate Defender generates undue or even non-existent computer security warnings, which can be removed only if the licensed program version is purchased. The alerts are shown every time "Windows" are started in the taskbar area. The main intention of Ultimate Defender is to mislead user and persuade him to pay for assumed infections removal.
2. Ultimate Defender removal tools:
- Malwarebytes' Anti-Malware (for the installation guide click here)
- Spyware Doctor (for the installation guide click here)
3. Screenshot:
4. Ultimate Defender files:
ddesupport.dll, msdde.dll, msole.dllavp.exe, mgrs.exe, UltimateDefender.exe
5. Hijackthis entries:
O2 Entries:
O2 - BHO: MSVPS System - {100B21CD-3B97-44FB-B1C0-EA6249E482E8} - C:\WINDOWS\ddesupport.dll
O4 Entries:
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [Ultimate Defender] "C:\Program Files\Ultimate Defender\UltimateDefender.exe" hide
O21 Entries:
O21 - SSODL: msdde - {7725C992-B6C9-42AC-ACF9-A00D6AA45166} - C:\WINDOWS\msdde.dll
O21 - SSODL: msole - {80047F31-5F13-47A4-ACFB-CC64BCCDDE75} - C:\WINDOWS\msole.dll
O2 - BHO: MSVPS System - {100B21CD-3B97-44FB-B1C0-EA6249E482E8} - C:\WINDOWS\ddesupport.dll
O4 Entries:
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [Ultimate Defender] "C:\Program Files\Ultimate Defender\UltimateDefender.exe" hide
O21 Entries:
O21 - SSODL: msdde - {7725C992-B6C9-42AC-ACF9-A00D6AA45166} - C:\WINDOWS\msdde.dll
O21 - SSODL: msole - {80047F31-5F13-47A4-ACFB-CC64BCCDDE75} - C:\WINDOWS\msole.dll