Security Defender Removal Process (remove SecurityDefender)

December 14, 2011

Not all software that claims to be anti-spyware programs marketed on the Internet is genuine and can be trusted. That is the main thrust of PCHubs malware researchers in researching every new program marketed on the Internet. Since it has been noted that cybercriminals are already taking advantage of the demand for anti-spyware programs, PCHubs malware researchers do constant research on which programs computer users must steer away from in order to protect the public. There are already several rogueware posing as legitimate security applications in order to steal computer users' money, so it is important for every computer user to be informed so that they won't get scammed online. PCHubs malware researchers have discovered another rogue anti-spyware program called Security Defender.

How to Detect Security Defender Infection on Your PC

Security Defender first appeared online around February 2010. PCHubs malware researchers have confirmed Security Defender to be a scam. Security Defender is known to be a variant of a previously discovered rogueware named Security Defender 2009 and is similar to other rogueware such as WinSecurity Defender and Windows Police PRO. Security Defender used to spread when computer users voluntarily downloaded the program believing that it is a legitimate anti-spyware program. However, Security Defender has been spreading through a Trojan from malicious sites and unsafe downloads, which causes the installation of Security Defender on your PC without your knowledge or permission. From then on, Security Defender would frequently run on your computer's background every time the PC boots up.

Security Defender would then make you believe that your computer is infected with several malware by displaying its annoying interface with bogus system scans showing fabricated results. Numerous pop-up alerts, warning messages, and other security notifications are also rampant, which are all aiming to convince the computer user into purchasing the full version of Security Defender in order to remove the detected infections. However, be aware that Security Defender is nothing but a scam and all the detected infections were actually created by the Security Defender application itself. Security Defender is the real main cause of your PC's problems, so it is strongly suggested removing it from your PC as soon as possible in order to restore your computer’s full security settings.

How to Clean Your Computer from Security Defender Infection

If it seems that Security Defender has indeed infected your computer, the first thing you need to do is to ignore all the annoying messages from Security Defender. You would then need to reboot your computer in Safe Mode, so that Security Defender can be safely removed. In order to ensure that all traces of Security Defender are thoroughly removed, the latest version of a legitimate anti-spyware application must be installed on your computer.

Perform a thorough scan using the legitimate anti-spyware application while your computer is in Safe Mode and then remove all the detected infections. Make sure that your anti-spyware is updated with the latest signature database in order to ensure that your computer is thoroughly clean.

Are you getting popups from Security Defender? Have you identified that you have Security Defender installed on your computer? Do you wish to remove Security Defender completely from your computer?

Why should you remove Security Defender?

If Security Defender resides on your computer, it can potentially damage your personal files or you may end up losing data stored on your system. Research has shown that Security Defender may have the ability to make your computer vulnerable to remote attacks which could result, initially, in loss of money, possibly identity theft, and, eventually, a painstaking Security Defender removal process.

How can you manually remove Security Defender

Manual removal of Security Defender may not be for everyone. Each manual Security Defender removal step must be followed delicately to completely remove all related files and registry entries from your computer. If you are unsure or have doubts about editing your system registry, then we recommend that you use the automatic Security Defender removal process.

Security Defender can be removed manually by following the steps below.

  1. With all programs closed, click the Start Menu and go to the Control Panel.
  2. Locate the Add/Remove Programs icon and double click it.
  3. Locate Security Defender in the list of programs. If you find it, select it and remove it. If you cannot find Security Defender, you can continue to step 5.
  4. Restart your computer.
  5. Close all open programs and windows on your desktop.
  6. Open your registry editor (regedit) program by going to Start Menu, type in regedit, and click OK.
  7. Find all of the following registry entries and delete them. If you do not know how to do this, then you can read how to edit the registry in Windows.

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "56a10a26-dc02-40f3-a4da-8fa92d06b357_33"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56a10a26-dc02-40f1-a4da-8fa92d06b357}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "56a10a26-dc02-40f3-a4da-8fa92d06b357_33"
  8. You may need to return to this removal process for removing Security Defender. You can do this easily by bookmarking or adding a favorite to this page by clicking here. If you are using the FireFox web browser you can press the keys Ctrl and D simultaneously to bookmark this page.

    Image 1. Bookmark PCHubs removal process


  9. Delete all of the following files that are associated with Security Defender from your computer.

    c:\Program Files\Security Defender
    c:\Program Files\Security Defender\Security Defender.dll
    c:\Documents and Settings\All Users\Application Data\56a10a26-dc02-40f3-a4da-8fa92d06b357_33.ico
    c:\Documents and Settings\All Users\Application Data\56a10a26-dc02-40f3-a4da-8fa92d06b357_.mkv
    c:\Documents and Settings\All Users\Application Data\56a10a26-dc02-40f3-a4da-8fa92d06b357_33.avi
    c:\Documents and Settings\All Users\Start Menu\Programs\Startup\56a10a26-dc02-40f3-a4da-8fa92d06b357_33.lnk
    %UserProfile%\Desktop\Security Defender.lnk
    %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Defender.lnk
    %UserProfile%\Start Menu\Programs\Startup\56a10a26-dc02-40f3-a4da-8fa92d06b357_33.lnk
    %Temp%\[RANDOM CHARACTERS].dll

    If you need a better understanding on how to search for these files then you can read how to find and search for files and folders here.

    If you have issues deleting any of the previously listed files that are associated with Security Defender, you can try rebooting your computer into safe mode. Booting into safe mode may allow certain malicious files to be deleted. If you are wondering how to boot into safe mode, you can read our process for starting a computer in safe mode here.

    Image 2. Select "Safe Mode with Networking"


  10. After locating and deleting the previous files you must remove all directories associated with Security Defender by going to the C:\ProgramFiles\Security Defender folder, select it, and delete it. In some cases you may not be able to find this directory. You can still continue to the next step.

  11. Restart your computer. You do not need to boot into safe mode at this point. You should have removed Security Defender completely from your computer. If you find that Security Defender is still on your computer, you can repeat the steps again or go to the automatic Security Defender removal process.


Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 6 + 10 ?