Armor Defender
Armor Defender (or ArmorDefender) is a rogue Anti-Spyware program which masquerades as Flash updates for online videos. ArmorDefender will try to deceive users into downloading a copy of the corrupt program. ArmorDefender will run a virus scan after creating files on the computer that are detected as infections. This trickery is used to scare computer users into purchasing a registered version of ArmorDefender. While Armor Defender is active, it will display annoying alert messages which states that computer is at risk. Do not be another hapless victim of cybercrime and have ArmorDefender removed using a reliable anti-spyware product.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\Desktop\ArmorDefender.lnk 2 %UserProfile%\Start Menu\Programs\ArmorDefender.lnk 3 c:\Program Files\ArmorDefender Software 4 c:\Program Files\ArmorDefender Software\ArmorDefender 5 c:\Program Files\ArmorDefender Software\ArmorDefender\ArmorDefender.exe 6 c:\Program Files\ArmorDefender Software\ArmorDefender\Uninstall.exe 7 c:\WINDOWS\1244bzckd187465.bin 8 c:\WINDOWS\1247z5py369.exe 9 c:\WINDOWS\124s7not-a-virus569.exe 10 c:\WINDOWS\1254zspa9bot612.cpl 11 c:\WINDOWS\system32\391dsz95are9458.exe 12 c:\WINDOWS\system32\3922tzr5at36552.ocx
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\ArmorDefenderHKEY_LOCAL_MACHINE\SOFTWARE\ArmorDefenderHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run "ArmorDefender"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Uninstall\ArmorDefender
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.