Advanced Defender is a rogue antispyware program. It is a clone of Personal Protector, which is also a rogue antispyware application. Advanced Defender usually installs itself onto your computer through the use of trojans that come from various misleading websites.
When Advanced Defender is started, it will configure itself to run automatically and create several files, which are actually harmless but will be later, during the scan, “detected” by the fake antispyware as worms, spyware and malware. However, this is a scam, because Advanced Defender is unable to detect or remove any infections. So you can safely ignore the false scan results.
Advanced Defender may block the ability to run any programs. The following warning will be shown when you try to run a program:
Advanced Defender Warning
[program] is infected with worm
Lsas.Blaster.Keylogger. This worm is trying to send your credit
card details using [program] to
connect to remote post.
What is more, while Advanced Defender is running you will be shown a lot of popups, nag screens and fake security alerts from Windows task. Of course, all of these warnings are fake and like false scan results supposed to scare you into purchasing so-called full version of the program. So you can safely ignore all that Advanced Defender gives you.
As you can see, Advanced Defender is scam and designed only for one – to trick you into buying the software. Most importantly, do not purchase it! Instead of doing so, use the removal guide below to remove Advanced Defender from your computer for free.
Symptoms in a HijackThis Log
O4 – HKLM\..\Run: [advanceddefender] C:\Program Files\Advanced Defender\advanceddefender.exe
Use the following instructions to remove Advanced Defender (Uninstall instructions)
Read the article: How to reboot computer in Safe mode and reboot your computer in the Safe mode with networking.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Advanced Defender infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start Advanced Defender removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Advanced Defender creates the following files and folders
C:\Program Files\Advanced Defender
C:\Program Files\Advanced Defender\advanceddefender.exe
C:\Program Files\Advanced Defender\base.wdb
C:\Program Files\Advanced Defender\baseadd.wdb
C:\Program Files\Advanced Defender\conf.wcf
C:\Program Files\Advanced Defender\quarant.wdb
C:\Program Files\Advanced Defender\q
C:\Documents and Settings\All Users\Microsoft PData
C:\Documents and Settings\All Users\Microsoft PData\track.wid
%UserProfile%\Start Menu\Programs\Advanced Defender
%UserProfile%\Start Menu\Programs\Advanced Defender\Advanced Defender.lnk
Advanced Defender creates the following registry keys and values
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr = “1”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | advanceddefender