
Unlimited Defender

Posted: July 22, 2011

Unlimited Defender is a newborn addition to a fresh cartel of rogue anti-virus programs. Unlimited Defender's website and its own interface try to convince you that Unlimited Defender is capable of finding and removing spyware and other malware infections, but Unlimited Defender, like all rogue products, is only faking these features. The presence of Unlimited Defender has been linked with fake infection warnings, repetitive requests for money and fraudulent credit card charges. SpywaRemove.com researchers recommend that you use a good anti-malware product to clean Unlimited Defender from your PC, since Unlimited Defender may work in collusion with trojans and will make advanced changes to your system that should be reverted with care.

The Serious Security Limitations of the Supposedly Unlimited Defender

Unlimited Defender can be caught using a number of different aliases; our research team has found Unlimited Defender using such names as Unlimited Defender 2011 and Defender Unlimited. Judging Unlimited Defender by its origins, looks and functions, however, the line of Unlimited Defender clones stretches much further than that. 'Separate' rogue security programs that have been found to be clones of Unlimited Defender include Ultimate Scan, Ultimate Guard, Personal Shield Pro Version 2.20, XP Security 2011, Windows 7 Fix, XP Internet Security 2012, Vista Home Security 2012, and Clean Security.

Unlimited Defender follows the same stratagem that other rogue products in its family use by creating fake infection pop-ups and other alerts as an excuse to request money. Buying Unlimited Defender is just as ineffectual as it would be with any other type of rogue security software, since SpywaRemove.com researchers haven't found Unlimited Defender to have any capability to delete or remove spyware or other PC threats.

Rogue software infections such as Unlimited Defender can also be responsible for:

  • Browser-redirecting attacks that force your web browser to visit a malicious website (such as Unlimited Defender's homepage) or prevent you from accessing PC security websites.
  • An inability to use security programs, including Task Manager, anti-virus products and the Registry Editor.

Our malware experts have confirmed that Unlimited Defender will launch itself automatically, which easily allows Unlimited Defender to engage in these attacks unless you shut it down or prevent Unlimited Defender from launching in the first place.

A Worrying Sidenote to the Fake Protection That Unlimited Defender Provides

As a fairly recent rogue security program as of July 2011, Unlimited Defender may be able to evade deletion by an outdated anti-virus program. Make sure your chosen security program is up to date for recent threats before you try to scan your computer for Unlimited Defender, a process which should, ideally, take place in Safe Mode.

One variant of Unlimited Defender is sold at unlimdefender.com, a website that our research team has confirmed to be malicious. Other websites that are affiliated with Unlimited Defender and its clones include unlimguard.com, ultimate-scan.com, clean-security.com and ultimate-guard.com.

When accidentally visiting the above websites, a primary danger is the possibility of suffering from a drive-by-download attack. These may use trojans such as Zlob or Fake Microsoft Security Essentials Alert to install Unlimited Defender onto your PC, which is why using security software to remove Unlimited Defender is a wise idea.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS]
    2 %Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe
    3 %Documents and Settings%\[UserName]\Local Settings\Temp\[RANDOM CHARACTERS]
    4 %Documents and Settings%\All Users\Application Data\[RANDOM CHARACTERS]

Registry Modifications

  • The following Registry values were created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%1" %*'
    HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%1" %*'
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe"'
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exee" -a "%Program Files%\Internet Explorer\iexplore.exe"'
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'
    HKEY..\..\..\..{RegistryKeys}
    HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%1" %*'
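
The Registry values above fall into three patterns a defender can check for: the .exe open handler is replaced, the browser launch commands are routed through another program, and the Security Center override flags are set. The following is an added example, not part of the original write-up; it audits entries written one per line in this page's layout, and the sample lines and file paths in it are constructed for illustration.

```python
import re

# One entry per line, in the layout this page uses: KEY "ValueName" = 'data'
ENTRY_RE = re.compile(r"""^(?P<key>HKEY_[^"]+?)\s+"(?P<name>[^"]+)"\s+=\s+'(?P<data>.*)'$""")
DEFAULT_EXE_HANDLER = '"%1" %*'   # stock Windows command for running an executable
OVERRIDE_VALUES = {"antivirusoverride", "firewalloverride"}

# Constructed sample: two clean entries mixed with three of the patterns listed above.
SAMPLE = r'''
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"C:\Users\demo\AppData\Local\abc.exe" -a "%1" %*'
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"C:\Users\demo\AppData\Local\abc.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"C:\Program Files\Internet Explorer\iexplore.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
'''

def parse_entries(text):
    """Return (key, value name, data) tuples; lines in any other shape are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m["key"].strip(), m["name"], m["data"]))
    return entries

def first_token(command):
    """Return the program a command line starts (quoted or bare first token)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split(" ", 1)[0]

def audit(entries):
    """Return (finding, location) pairs for the three patterns described above."""
    findings = []
    for key, name, data in entries:
        k = key.lower()
        if re.search(r"\\(\.exe|exefile)\\shell\\open\\command$", k):
            if data.strip() != DEFAULT_EXE_HANDLER:  # every .exe launch goes elsewhere first
                findings.append(("exe-handler-hijack", key))
        elif "\\clients\\startmenuinternet\\" in k and k.endswith("\\command"):
            browser = k.split("\\startmenuinternet\\")[1].split("\\")[0]
            if not first_token(data).lower().endswith("\\" + browser):
                findings.append(("browser-launch-wrapped", key))
        elif k.endswith("\\microsoft\\security center") and name.lower() in OVERRIDE_VALUES:
            if data.strip() == "1":
                findings.append(("security-center-override", f"{key}:{name}"))
    return findings
```
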

One Comment

  • jack says:

    I can not clean my computer I bought prodepender pro clean up f trot com pa ny still blocking my computer
