Malware Defense is a rogue antispyware program from the same family as Anti Malware. The rogue is usually distributed through the use of trojans. Once the trojan is running, it will download and install Malware Defense onto your computer.
When installed, Malware Defense will configure itself to run automatically each time when you login to Windows. Once running, the rogue will simulate a system scan and lists numerous infections to make you think that your computer in danger, is infected with a lot of worms, trojans, spyware and other malware. It uses the real names of infection to make the scam look more realistic. However, Malware Defense won’t remove those infections unless you purchase so-called “full” version of the program. Most importantly, do not purchase it! All of these threats are fake. So you can safely ignore the scan results!
What is more, while running, the rogue will flood your computer with warnings, fake security alerts and notifications from Windows task bar. Of course, all of these warnings and alerts nothing more but a scam and like false scan results should be ignored!
As you can see, this program is a scam and should be removed from the system upon detection. Please follow the guidelines below to remove Malware Defense and any associated malware from your computer for free.
Symptoms in a HijackThis Log
O4 – HKCU\..\Run: [Malware Defense] “C:\Program Files\Malware Defense\mdefense.exe” -noscan
Use the following instructions to remove Malware Defense (Uninstall instructions)
Step 1. Remove H8SRT trojan (Rootkit TDSS)
Some variants of Malware Defense installed with a H8SRT trojan-rootkit that blocks the ability to run a lot of antivirus and antispyware programs, including Malwarebytes Anti-Malware.
Download TDSSKiller from here and unzip to your desktop.
Open TDSSKiller folder.
Double click the TDSSKiller icon and follow the prompts.
Step 2. Remove Malware Defense and any any associated malware.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Malware Defense infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start Malware Defense removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Malware Defense creates the following files and folders
C:\Program Files\Malware Defense\mdefense.exe
C:\Program Files\malware Defense\help.ico
C:\Program Files\malware Defense\md.db
C:\Program Files\malware Defense\mdext.dll
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Malware Defense Support.lnk
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Malware Defense.lnk
C:\Documents and Settings\comp\Start Menu\Programs\malware Defense\Uninstall Malware Defense.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense Support.lnk
C:\Documents and Settings\comp\Desktop\Malware Defense ReadMe.txt
C:\Documents and Settings\comp\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk
Malware Defense creates the following registry keys and values
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malware Defense
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense
THANK YOU! THANK YOU! THANK YOU!
Where’s your PayPal button? 🙂
So I ran the TDSS Killer program, which succeeded, and then I installed malwarebytes. I was able to remove the infected objects and yes it succeeded in stopping the malware defense and i THINK it removed the malware defense + fake windows security alerts. HOWEVER- for some reason as a result, my network connections folder is all empty (so I cannot get online- I’m using someone else’s computer right now), I can’t establish a new network connection, and my HP wireless assistant has disappeared as well. I tried uninstalling and re-installing the network adaptors- nothing works!
Thank you. Worked perfectly!
Paul, glad to help you and other peoples here 🙂
I don`t have a paypal acc 🙂
Viv, open Device Manager, look for network card and remove it. Then reboot your computer to reinstall network card device drivers.
PLEASE HELP!
When I run TDSSkiller the command prompt says:
“driver load error!
press any key to continue…”
what is wrong here???
Thanks a million! This guide saved my pc! 😀
Joe, if you using Vista or Windows 7, try run it as administrator.
Hello, to the people who put this up…just wanted to say THANK YOU from the bottom of my heart. I dont know what was happening, the errors and this Malware crap that kept popping up…THANK YOU it worked for me
thank you so much – the tdss killer was not loading in safe mode with networking but once I did it in normal mode, it worked fine for me. Malwarebytes also seems like a good antivirus software.
Thank you so so so much! You really saved me! I thought I would lose all my data because of this **** malware (why?!). so again: thanks 😀
thank you so much. if you have this problem, you can trust these guys.
System restore also deletes it. Just turn off your computer, then when you restart it press F8 repeatedly. Then Repair Computer. Then choose System Restore. You can restore it to an earlier date. Then when you log onto your account Malaware Defense is gone!
Another success – followed the instructions including installing and running TDSSkiller – sorted in a few minutes. Thank you!
This works great..!!!! Thank you very much. I’ll recommend it to every body.
The most frustrating thing about this is that “Malware Defense” wanted me to uninstall my anti-virus software, and it tried to do it automatically… several times.
When my anti-virus software finally finished running it did get rid of the trojan, but I needed MBAM to get rid of the malware. Thank you for this.
It took my friend a day to remove the malware defense and I actually need to pay him something. I just got an invoice from Malware Defense. How are you coming to deal with the invoice ?
Thank you SOSO much! I was freaking out so much about why that stupid program was forcing itself onto my computer aughhh This has been very helpful!
Thank you. Worked like a charm.
Ran the TDSSKiller, then MBAM, but it didn’t solve the problem. Had to do a system restore, but now all is good.
Grazie per la guida ottima!!
This Malware Defense was on my PC from a popup ad that asked questions while it was secretly loading some of the symptoms I had were takeover of mouse and keyboard, asking for a google.dll file and playing a commercial jingle for about 10 seconds..(God knows where those came from!) I have run your fix and so far everything seems to have been dealt with! Thanks guys keep up the fight, you guys are definitely needed in this world.
First of all, thanks so much for this helpful post.
I haven’t tried TDSSKiller (because I didn’t know it). Yesterday I managed to get rid of that Malware Defence only with Malwarebytes (had to change the name to run it though). Everything seemed to be fine and the antivirus started to run again and I’m able to go in the net as usual.
However, as I tried to create a restore point of the system, I couldn’t (very strange, has never happened before). I read somewhere that this could be due to the Rootkit still hidden somewhere in my system. I run Malwarebytes again, and it found an entry in the register (Rootkit.tdss). Malwarebytes deletes it, but any time I reboot the PC it is again there.
Has anybody had the same problem? I’ll try to kill definitely with TDSSKiller later at home, but I’d be very grateful if somebody with the same problem can give me a hint. Thank you!
A thousand thank yous for coming up with this fix. That was a pesky little bugger and I was happy to see it gone. The TDSSKiller worked like a charm and it allowed me to run MBAM, which took the removal the rest of the way. Lesson learned: never, EVER, go to Isohunt to look for ANYTHING!!!
Thank you for the easy and straightforward fix! It all took less than 10 minutes for me. This worked magnificently.
Hi,
in case it helps somebody: when scanning with Malwarebytes, disconnect the LAN cable first. Once Malwarebytes has found the whole evil files and register entries, it is not enough to delete them from that first report list, you have to go to the “quarantine” tab and then delete them again. Reboot and plug in the LAN cable. Everything should be fine.
Thanks,
This nasty bugger hit me on a busy Friday afternoon. Thanks to you, I can still make it home Friday evening.
Thank you, so so much. This was my work laptop that I just fixed! Took me about 6 hours of struggling until i finally learned about the TDSSkiller, which allowed me to finally run malwarebytes and update it, which finally allowed me to destroy that damn malware defense virus!!!!!
HOOORAY!!! Thank you soooooooo much! I’ll share my experience here in case it benefits others:
I got hit with “malware defense” virus today while surfing @ isohunt.com. It scared the crap out of me because of how violent it was and debilitating to the computer; i immediately started manually deleting the registry keys that belonged to the virus; i even got malwarebytes to run in safe mode; but to my surprise, as soon as i got back into normal windows mode, it reinstalled itself!!!! AHHH! So, after hours of battling back and forth and trying to get malwarebytes to work (mind you, its an excellent program, there’s nothing wrong with it!), i stumble across this TDSSKiller program; ran it in normal windows mode, then restarted. Started up malwarebytes quickly and then updated it quickly (THAT WAS THE KEY, need the LATEST UPDATE!); ran a quick scan and found so much more than before, and restarted. Now, everything is in order and I’m going to let the program do a full system scan… I hope this helps someone in the future, because this virus was truly dangerous, especially for my work computer. I can’t say thank you enough! 😀
followed the instructions & good by malware defence.thanx guys!!!
Thank you so much for solving this problem for all of us. You guys are heroes!