You can download a copy of MalwareBytes from here!
Look Familiar?
This nice looking program has a clean and professional look to it but trust me it's a devious little program. I have had alot of calls and complaints about this, so I have decided to post the instructions on how to remove this program form your machine. The eaasiest way to remove this is to download MalwareBytes from above, if you are unable to download MalwareBytes from another computer, try the steps below.
Malware Defender 2009 manual removal:
Following the directions below have worked for me as of 5-4-2010, I will update this guide if the steps to remove malware defender 2009 change. I suspect this to change or a new program will be made to replace this and at that point I will update this guide to reflect the changes. Best of luck removing this and if you have trouble following this guide feel free to email me or post here.
Kill processes:
- malwaredef.exe
- uninstall.exe
- reged.exe
- spoolsystem.exe
- syscert.exe
- wcenter.exe
- svchos.exe
- install.exe
Delete registry values:
- HKEY_CLASSES_ROOT\CLSID\{3F0691F1-70E6-44A9-938A-1DC356674878}
- HKEY_CLASSES_ROOT\CLSID\{8B2C743A-D44A-4A93-8233-ABEE8BF8ED62}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malware Defender 2009
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "updater"
- HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defender 2009
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "malwaredef"
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad "DriversLoad"
Unregister DLLs:
- hdddriver.dll
- vifwnhzqoe.dll
Delete directories:
- c:\Program Files\Malware Defender 2009
- c:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\Drivers
This is where it gets fun, First thing I want you to know is you may or may not have all the files, registry entries or dll files. This would be ok as it seems to act different based on your setup. So remove delete what you can find. Also the name of the program masy be a little different, like Total PC Defender 2010...ect
So try booting into safe mode with networking first, if you are still unable to remove or stop the malware, try and download malwareBytes while you are still in safemode. If you can download this while in safemode lets now create a new user (just make sure the user is an admin). Once we have created the new user restart your computer and log into the new user we created and try and run MalwareBytes, make sure you select quick scan. If after all this you still have problems post your comments below.
Best of Luck.
