Malware Defense is a rogue antispyware program from the same family as Anti Malware. The rogue is usually distributed through the use of trojans. Once the trojan is running, it will download and install Malware Defense onto your computer.
When installed, Malware Defense will configure itself to run automatically each time when you login to Windows. Once running, the rogue will simulate a system scan and lists numerous infections to make you think that your computer in danger, is infected with a lot of worms, trojans, spyware and other malware. It uses the real names of infection to make the scam look more realistic. However, Malware Defense won’t remove those infections unless you purchase so-called “full” version of the program. Most importantly, do not purchase it! All of these threats are fake. So you can safely ignore the scan results!
What is more, while running, the rogue will flood your computer with warnings, fake security alerts and notifications from Windows task bar. Of course, all of these warnings and alerts nothing more but a scam and like false scan results should be ignored!
As you can see, this program is a scam and should be removed from the system upon detection. Please follow the guidelines below to remove Malware Defense and any associated malware from your computer for free.
Symptoms in a HijackThis Log
O4 – HKCU\..\Run: [Malware Defense] “C:\Program Files\Malware Defense\mdefense.exe” -noscan
Use the following instructions to remove Malware Defense (Uninstall instructions)
Step 1. Remove H8SRT trojan (Rootkit TDSS)
Some variants of Malware Defense installed with a H8SRT trojan-rootkit that blocks the ability to run a lot of antivirus and antispyware programs, including Malwarebytes Anti-Malware.
Download TDSSKiller from here and unzip to your desktop.
Open TDSSKiller folder.
Double click the TDSSKiller icon and follow the prompts.
Step 2. Remove Malware Defense and any any associated malware.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Malware Defense infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start Malware Defense removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Malware Defense creates the following files and folders
C:\Program Files\Malware Defense\mdefense.exe
C:\Program Files\malware Defense\help.ico
C:\Program Files\malware Defense\md.db
C:\Program Files\malware Defense\mdext.dll
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Malware Defense Support.lnk
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Malware Defense.lnk
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Uninstall Malware Defense.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense Support.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense ReadMe.txt
C:\Documents and Settings\comp\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk
Malware Defense creates the following registry keys and values
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malware Defense
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense
best help ever, tried all night before i found this guide….less than 10min and all were solved!
thatnk you..looks like its gone
Just stopped by to say Thank you : )
Your Tutorial works perfectly !
blessings to you, and curses on those who make these insidious and harmful programs…
these people should be hunted down and have all their fingers broken… at the very least.
who is behind malware defense? I would like to meet them in person, seriously, is there any info on these a**sholes?
it works, you have to follow the instructions, and load the one thing before downloading the actual program, this disables the malware from blocking your loading the other software.
“””
Download TDSSKiller from here and unzip to your desktop.
“”””
I did not do this at first, and was unable to complete loading this software, or any other anti spyware/malware software… once I did that step, I was able to get through the process.
follow the instructions, it works!
I might add that I am on my 11 year old’s computer, and this malware was also loading three links to porn sites, with naked icons… very offensive, I am very upset, and want to find these people…
When I follow the propts for the tdsskiller, it says cured and then my computer kinda freezes. How long should I wait before proceeding to step two? I alredy have Malwarebytes installed but, of course, can’t run it? HELP!
thank you! that piece of shit virus downloaded itself onto my computer and the spam was driving me craazy!
it works. THX. so easy. THX
thank you very much
Worked like a charm.
This trojan injection method is no different than protection rackets in Al Capone’s days.
First break Windows, (pardon the pun) then promise it won’t happen again if you pay me.
thank you so much for your help in removing this problem
What a nasty piece of fake anti-spyware is Malware Defense It seemed to appear earlier today and installed itself. After spending time in safe mode, I realised that it had crippled my version of Malware Bytes.
I tried manually deleting all the files, but it had some strong defences and reappeared every time I booted normally into Windows.
I was able to reinstall after your helpful tip about removing a H8SRT trojan (Rootkit TDSS).
Thanks for your concise guide.
Have Malware defense infection. Tried downloading your Malwarebytes with the anti trojan bit before but I STILL cannot get it to run and scan. Tried to call it something else but that didn’t work either. Can anyone help? Desperate!
Jill, you have used TDSSKiller before Malwarebytes ?
Fixed the nasty rootkit for me…. Thank You!
OMG!! When I reboot Windows XP asks me to activate my copy of the OS!! So I introduce my product key and it doesn´t work!!! (fyi, I have an original copy of Windows XP, with a legitimate key). WHY DID THIS HAPPENED!!?? I can´t enter Windows now!!!
Thank you soooooo much! this is the only site Ive found that really helps! you are a true hero mate.. your efforts are much appreciated (im sure i can speak for everyone here) by us all
Belynda you have tried to run Malwarebytes ?
yea i did run it and and i also get “one library files needed to run this application cannot be found”
oh my gosh, I hated these guys. Put porn on the computer and screwed everything up. thanks so much for the help, trying it now.
I have tried all steps but I still get the “blue screen of death” whenever I try to run in regular mode – safe mode with networking seems fine…any suggestions?
Maybe this will be a bit more helpful..
I have followed all the steps but I still get the blue screen of death whenever I reboot.
When I run TDSKiller, it gives the following screen:
UnHookRegistry: Cannot get access to KLMD, error 2
For the results, it has “0” next to every entry, including “infected objects in memory,” “cured objects in memory,” “infected objects on disk,” etc.
Belynda, try reinstall Malwarebytes Anti-malware.
RIchard, make a new topic in our Spyware removal forum.
Malwarebytes is a godsend. It’s nice to know there is something out there that will help remove these malicious programs and that is actually free with no gimmicks. It has helped me on more than one occasion. My advice is to try the quick scan first as the full scan will often freeze due to the malware popups. once you remove the shown threats with quick scan and reboot you should then be able to run the full scan with no problems. Good Luck
Thankyou so much this help was priceless!!!
Just want to thank you for that easy guide 🙂 It was sent from above 🙂
Great advice!!! I just got my laptop infected today… and in no more than 15 minutes I cleaned it using these guidelines.
Thanks a lot… I almost buy the #$%$ Malware Defense
You saved my life! THANK YOU SO MUCH!
amazing, changing the .exe to .com on malwarebytes was phenomenal, thanks a million, amazing advice