Malware Defense is a rogue antispyware program from the same family as Anti Malware. The rogue is usually distributed through the use of trojans. Once the trojan is running, it will download and install Malware Defense onto your computer.
When installed, Malware Defense will configure itself to run automatically each time when you login to Windows. Once running, the rogue will simulate a system scan and lists numerous infections to make you think that your computer in danger, is infected with a lot of worms, trojans, spyware and other malware. It uses the real names of infection to make the scam look more realistic. However, Malware Defense won’t remove those infections unless you purchase so-called “full” version of the program. Most importantly, do not purchase it! All of these threats are fake. So you can safely ignore the scan results!
What is more, while running, the rogue will flood your computer with warnings, fake security alerts and notifications from Windows task bar. Of course, all of these warnings and alerts nothing more but a scam and like false scan results should be ignored!
As you can see, this program is a scam and should be removed from the system upon detection. Please follow the guidelines below to remove Malware Defense and any associated malware from your computer for free.
Symptoms in a HijackThis Log
O4 – HKCU\..\Run: [Malware Defense] “C:\Program Files\Malware Defense\mdefense.exe” -noscan
Use the following instructions to remove Malware Defense (Uninstall instructions)
Step 1. Remove H8SRT trojan (Rootkit TDSS)
Some variants of Malware Defense installed with a H8SRT trojan-rootkit that blocks the ability to run a lot of antivirus and antispyware programs, including Malwarebytes Anti-Malware.
Download TDSSKiller from here and unzip to your desktop.
Open TDSSKiller folder.
Double click the TDSSKiller icon and follow the prompts.
Step 2. Remove Malware Defense and any any associated malware.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Malware Defense infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start Malware Defense removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Malware Defense creates the following files and folders
C:\Program Files\Malware Defense\mdefense.exe
C:\Program Files\malware Defense\help.ico
C:\Program Files\malware Defense\md.db
C:\Program Files\malware Defense\mdext.dll
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Malware Defense Support.lnk
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Malware Defense.lnk
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Uninstall Malware Defense.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense Support.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense ReadMe.txt
C:\Documents and Settings\comp\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk
Malware Defense creates the following registry keys and values
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malware Defense
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense
That seems to have done the job.
Thank you very much.
About 25 files had to be deleted. From other sites I had a list of 14. So I was not going to be successful in deleting the registry files myself. It’s good to know that there are some white hats patrolling.
Thanks again!!
Belynda, try reinstall Malwarebytes Anti-malware.
it is installed and working just fine,is the “one library files needed to run this application cannot be found”i can only get acess to internet when i press f8 and run it in safe mode
Thanks a million! it was very helpfull!
i followed the instructions and the virus stopped creating pop-ups, but malware defense is still installed in my computer and there are now a few porn icons on my desktop…what do i do?
j. wood, if you still having a few icons of malware defense on your desktop, then you can remove them manually.
It didnt work!!!
Alex, then ask for help in our Spyware removal forum.
Thanks!!!!
Works perfect!!!!
Worked perfectly! Thank you so much!
You guys are doing a great job! Many thanks for cleaning up our computers, this is much appreciated!
why can’t i download the mbam-setup.exe? please help me
pls help me.
glenne, you need use TDSSKiller before Malwarebytes.
whoever you are you’re my new hero
Thanks so much you are a champ
Thanks.
Thank you. I followed your instruction and removed the trash Malware Defense. I wonder whether people can sue the company who produce Malware Defense.
Thank you, thank you, thank you. This worked!
THANKS DUDE!!!!!!!!!!!!!!!!!!!!!!!
aloha 🙂
I can’t thank you enough for this page!!
Finally, put an end to this foul scourge.
Indeed, stay away from isohunt.com without adequate virus protection. Just a visit to the site seemed to bring on the Malware nonsense…
oh and thanks very much, it worked…
I am getting this as well when I run TDSS Killer program- I can’t find the “new Spyware removal forum” that Patrik you asked Richard to start.
UnHookRegistry: Cannot get access to KLMD, error 2
For the results, it has “0″ next to every entry, including “infected objects in memory,” “cured objects in memory,” “infected objects on disk,” etc
Chris, our Spyware removal forum is located here.
Thank you
”
I had tried and failed previously; using the “TDSS rootkit removing tool” made the difference.
”
The main process then took over an hour on my old Pentium 2GHz, so be patient!
”
I already had partial installations of Kaspersky and Avira, but these didn’t really cause hiccups.
Works like a charm, I have Windows Vista. Scan took like 5 minutes so be pacient, algo got it looking for PSP ISO, the websited named above might be the one. Thanks a lot!
is there a dumb version to these instructions ?
Oh my god has this been a nightmare! Thank you, thank you, thank you. Now I’m wondering how I got this in the first place? Over the 10 hours researching, one post suggested a fake Java update. That’s the only thing I allowed to be downloaded in the last week. Any body else have any ideas on how this “Malware Defense” came into your machine?
Thank you so much! I had tried many methods of getting rid of this virus, and this was both understandable and very effective. The TDSS Killer was the key!
Thanks so much for all your help you are the zeal of awesomeness!!! I hope everyone who comes across this nastiness finds your wonderful help!