Posts Comments

Unlimited Defender

By admin on August 1, 2011 Leave a Comment

What is Unlimited Defender?

Unlimited Defender is fake antivirus software that is usually found on PCs which are also infected with other forms of malicious software. Unlimited Defender is designed as a scam application as its only purpose is to steal money from unsuspecting users that choose to purchase its license.

How Did I get infected with Unlimited Defender?

In a similar fashion as most fake antivirus clients that are on the Internet today, Unlimited Defender is installed on vulnerable PCs with the help of Trojans and web based exploit packs. In most cases, users find themselves stuck with a copy of Unlimited Defender on their machines after visiting infected websites or as a result of downloading infected applications that are bundled with a copy of this rogue security client. Once detected it is recommended to conduct all necessary steps for complete Unlimited Defender removal.

What is Unlimited Defender Doing to My Computer Right Now?

Once installed, Unlimited Defender will conduct several operating system level modifications in order to secure its presence on the infected PC. For this reason, several registry keys will be modified while few others will be created so that Unlimited Defender will run automatically at each startup. As it has managed to secure its presence, Unlimited Defender will start the fake antivirus scanning procedures in order to make users believe that it is legitimate software.

Several different error messages will be displayed while various security notifications will be present on the screen, all with the purpose of convincing the user to purchase the application’s fake license key. It is important to delete Unlimited Defender as soon as possible in order to limit its impact on the operating system.

Unlimited Defender

System Smart Security

» Download Unlimited Defender Removal Software

What Do I Do To Remove Unlimited Defender?

Your first step is to follow the removal procedures included in the manual Unlimited Defender removal section in this article. Proceed by stopping its running process and then by deleting its files and registry keys in order to limit the impact that this software has on the operating system.

Automatic Unlimited Defender Removal

Online Unlimited Defender Removal Service

computer repair

Remove Proxy Setting so You Can Connect to the Internet Again. Some need this some do not.

Proxy Settings

Unlimited Defender Manual Removal Procedures

The first step you must take in order to remove Unlimited Defender is to stop its main running process:

  • [random].exe

Unlimited Defender uses a random name generator to rename its main executable file at each unique installation differently. In this way it is not possible for us to indicate with accuracy the process name that you will need to stop.
Known File Path Locations
XP:

  • C:\Documents and Settings\%User Name%\Local Settings\Application Data\[random].exe
  • C:\Documents and Settings\All Users\Application Data\[random].exe

Vista / Windows 7:

  • C:\Users\%User Name%\AppData\Local\[random].exe
  • C:\ProgramData\[random].exe

To stop this process you can start the Task Manager and try to identify it based on the fact that it is mostly composed of a few randomly generated alpha-numeric characters. However, for inexperienced users, it is mostly recommended to use legitimate antivirus software and scan the files and folders present in the known locations of this virus in order to find the infected files.

Alternatively, rebooting into Safe Mode with Networking and identifying the correct executable file name in one of the known file path locations indicated above in this article can be a perfect solution. This can be done by sorting the contents of the analyzed folders by “last modified first” since in most cases the fake antivirus client’s executable will be one of the most recently modified files in these locations.

KNOWN LOCATIONS OF THIS VIRUS

Windows XP:

  • C:\Documents and Settings\%User Name%\Local Settings\Application Data\
  • C:\Documents and Settings\All Users\Application Data\

Windows Vista / Windows 7:

  • C:\Users\%User Name%\AppData\Local\
  • C:\ProgramData\

Once you have deleted the above executable, it is recommended to conduct a full system scan using professional antivirus software. We recommend Spyware Doctor with Antivirus as it is capable to detect most malicious software that is usually involved in PC infections related to Unlimited Defender.

If you find this threat too hard to remove we recommend contacting a remote computer repair service for professional support on how to delete Unlimited Defender.

Unlimited Defender Registry Removal Procedures

PLEASE NOTE: Editing the registry can cause serious operating system problems. PC Health Advisor is a registry editor that we recommend you to use in order to avoid the manual repairs that the registry may require in order to completely delete Unlimited Defender.
Here are the registry traces for your reference only:

  • HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation “TLDUpdates” = "1"
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = ”C:\Documents and Settings\%User Name%\Local Settings\Application Data\[random].exe”
  • HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ”C:\Documents and Settings\%User Name%\Local Settings\Application Data\[random].exe”
  • HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ”C:\Documents and Settings\%User Name%\Local Settings\Application Data\[random].exe”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ”C:\Documents and Settings\%User Name%\Local Settings\Application Data\[random].exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ”C:\Documents and Settings\%User Name%\Local Settings\Application Data\[random].exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ”C:\Documents and Settings\%User Name%\Local Settings\Application Data\[random].exe” -a “C:\Program Files\Internet Explorer\iexplore.exe”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = "1"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = "1"

Unlimited Defender Directories:

XP

  • C:\Documents and Settings\%User Name%\Local Settings\Application Data\
  • C:\Documents and Settings\All Users\Application Data\

Windows 7 / Windows Vista

  • C:\Users\%User Name%\AppData\Local\
  • C:\ProgramData\

Conclusion

The removal of Unlimited Defender can be a difficult process for inexperienced users, however, once you find it uncomfortable to carry out any of the manual procedures described in this article it is always possible to use an automatic Unlimited Defender removal software such as Spyware Doctor with Antivirus. Once a full system scan has been carried out, chances are that other forms of malware will be identified as well, reason why this step is quite necessary in all cases. Additionally, asking for professional support from a remote PC technician can solve a lot of problems. We recommend this online computer repair site for remote computer repair tasks.

Filed Under: Virus Removal Tagged With: , , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.