RECOMMENDATION!
ANTI-MALWARE TESTED
LATEST VICTORIES:
February 2012:
1. place for Emsisoft Internet Security
500 samples by virusovnet!
comss.ru
November 2011:
1. place for Emsisoft Anti-Malware
MRG Flash-Tests in 2011!
malwareresearchgroup.com
April 2010:
Best reactive scan - 60 products
98.72% in VB100 april test!
Virus Bulletin VB100
April 2010:
1. place for Emsisoft Anti-Malware
99.8% in MRG scanner test #23!
malwareresearchgroup.com
September 2009:
Best detection in all categories!
COM! Magazine test (German)
August 2009:
1. place: Emsisoft Anti-Malware
99.9% in static detection test of
PC Security Labs
REVIEWS/AWARDS
100% Wildlist detection
and 0 false alerts!
Best in test of comss.ru (Russian)
Emsisoft Anti-Malware was
awarded for its outstanding
total performance.
MRG: Best result in test!
Best static detection!
PC Magazine:
"Near-Perfect Protection:
It blocked every single one of the
samples the moment each one tried
to execute, scoring a perfect
10 of 10 points."
Best Free Trojan Scanner!
"Our favorite malware-masher:
Emsisoft Anti-Malware!"
SecuritySoftwareZone best rating
Tucows 5 cows!
"In terms of worms and spyware,
but also trojans, Emsisoft Anti-Malware can hardly be beaten."
ZDNet best rating
Emsisoft Anti-Malware with
best rating at Softpedia.com
MajorGeeks.com
Editor's Pick
Softpedia.com
Reviewer's pick
SoftWorld.com
Editor's Pick
FreeSharewareDepot.com
Editor's Pick
Recommended by:
Free Programs
EMSISOFT PRODUCTS
Freeware:
Emsisoft Malware-Info
Name: Adware.Win32.WindowsSystemDefender
Risklevel: Low Risk
Description:
Windows System Defender is a rogue security program.
Removal instructions for Adware WindowsSystemDefender:
To delete this malware infection, buy Emsisoft Anti-Malware.
Guaranteed removal of Adware WindowsSystemDefender.
Run a full scan on all drives and move all detected items to the quarantine.
More details about this danger:
Characteristics:
- Show fake warning messages.
- Shows misleading scan results.
- Modify Windows hosts file.
Installation: Installed through EXE
Process: WSba6.exe
Screenshots:
Used folders:
- C:\WINDOWS\system32\CatRoot2\
- C:\WINDOWS\system32\drivers\etc\
- C:\WINDOWS\system32\WBEM\Logs\
- C:\Documents and Settings\All Users\Application Data\b0cf5\
- C:\Documents and Settings\All Users\Application Data\WSDDSys\
- C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\Content\
- C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\MetaData\
- C:\Documents and Settings\[USER]\Application Data\Microsoft\Internet Explorer\Quick Launch\
- C:\Documents and Settings\[USER]\Application Data\Windows System Defender\
- C:\Documents and Settings\[USER]\Cookies\
Used files:
- C:\Documents and Settings\[USER]\Recent\ppal.tmp
[6 Bytes] TMP File - C:\Documents and Settings\[USER]\Recent\runddlkey.exe
[7 Bytes] EXE File - C:\Documents and Settings\[USER]\Recent\runddlkey.tmp
[7 Bytes] TMP File - C:\Documents and Settings\[USER]\Recent\SICKBOY.exe
[72 Bytes] EXE File - C:\Documents and Settings\[USER]\Recent\SICKBOY.tmp
[36 Bytes] TMP File - C:\Documents and Settings\[USER]\Recent\sld.exe
[65 Bytes] EXE File - C:\Documents and Settings\[USER]\Recent\SM.exe
[11 Bytes] EXE File - C:\Documents and Settings\[USER]\Recent\std.drv
[22 Bytes] DRV File - C:\Documents and Settings\[USER]\Start Menu\Windows System Defender.lnk
[1308 Bytes] LNK File - C:\Documents and Settings\[USER]\Start Menu\Programs\Windows System Defender.lnk
[1314 Bytes] LNK File - C:\WINDOWS\system32\CatRoot2\dberr.txt
[4743 Bytes] TXT File - C:\WINDOWS\system32\drivers\etc\hosts
[734 Bytes] File - C:\WINDOWS\system32\WBEM\Logs\mofcomp.log
[10908 Bytes] LOG File - C:\WINDOWS\system32\WBEM\Logs\wbemprox.log
[457 Bytes] LOG File - C:\Documents and Settings\All Users\Application Data\b0cf5\WSba6.exe
[2192896 Bytes] EXE File - C:\Documents and Settings\All Users\Application Data\WSDDSys\wsd.cfg
[17342 Bytes] CFG File - C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
[18 Bytes] File - C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
[29735 Bytes] File - C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
[216 Bytes] File - C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
[216 Bytes] File - C:\Documents and Settings\[USER]\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows System Defender.lnk
[1326 Bytes] LNK File - C:\Documents and Settings\[USER]\Application Data\Windows System Defender\Instructions.ini
[1243 Bytes] INI File - C:\Documents and Settings\[USER]\Cookies\index.dat
[32768 Bytes] DAT File - C:\Documents and Settings\[USER]\Cookies\virus demo@seaharbor[2].txt
[194 Bytes] TXT File - C:\Documents and Settings\[USER]\Cookies\virus demo@secure.seaharbor[1].txt
[135 Bytes] TXT File - C:\Documents and Settings\[USER]\Desktop\378.mof
[344 Bytes] MOF File - C:\Documents and Settings\[USER]\Desktop\Windows System Defender.lnk
[1290 Bytes] LNK File - C:\Documents and Settings\[USER]\Desktop\WSD.ico
[4286 Bytes] ICO File - C:\Documents and Settings\[USER]\Desktop\BackUp\HyperSnap-DX.lnk
[650 Bytes] LNK File - C:\Documents and Settings\[USER]\Desktop\WSDDSys\vd952342.bd
[11382 Bytes] BD File - C:\Documents and Settings\[USER]\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
[16384 Bytes] DAT File - C:\Documents and Settings\[USER]\Local Settings\History\History.IE5\index.dat
[32768 Bytes] DAT File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\index.dat
[81920 Bytes] DAT File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\button[1].gif
[3964 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\cards[1].gif
[3800 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\corners_top_l[1].gif
[101 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\payform[1].css
[2422 Bytes] CSS File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\style[1].css
[5938 Bytes] CSS File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\bg[1].gif
[43 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\bg_line_small[1].gif
[653 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\ma_t_block_close[1].gif
[53 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\sm_ok[1].gif
[542 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\SoftServiceReport[1].htm
[2 Bytes] HTM File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\30day[1].gif
[5059 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\corners_bot_l[1].gif
[101 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\get_product_domains[1].htm
[35 Bytes] HTM File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\line_blue_bg[1].gif
[158 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\sm_er[1].gif
[578 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\box[1].gif
[10958 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\corners_bot_r[1].gif
[101 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\corners_top_r[1].gif
[101 Bytes] GIF File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\install-report[1].htm
[2 Bytes] HTM File - C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\local[1].htm
[0 Bytes] HTM File - C:\Documents and Settings\[USER]\Recent\ANTIGEN.exe
[15 Bytes] EXE File - C:\Documents and Settings\[USER]\Recent\ANTIGEN.sys
[12 Bytes] SYS File - C:\Documents and Settings\[USER]\Recent\ddv.sys
[77 Bytes] SYS File - C:\Documents and Settings\[USER]\Recent\ddv.tmp
[49 Bytes] TMP File - C:\Documents and Settings\[USER]\Recent\eb.dll
[67 Bytes] DLL File - C:\Documents and Settings\[USER]\Recent\energy.tmp
[13 Bytes] TMP File - C:\Documents and Settings\[USER]\Recent\PE.exe
[46 Bytes] EXE File
Additional information might be found here:
Search
at Google for
Adware WindowsSystemDefender
Search at Bing for
Adware WindowsSystemDefender
Search
at Yahoo for
Adware WindowsSystemDefender
How can I protect myself from Adware WindowsSystemDefender?
Important!
You essentially need an antivirus product, that is not only able to clean infections, but also protect your PC permanently from new dangers.
This is the only way to prevent data loss and unnecessary hassle and costs of new installations of your operating system.
Take your chance and buy the multiple awarded protection software Emsisoft Anti-Malware today!
Only $40 for the security of your computer.
Buy Emsisoft Anti-Malware online:
Trust only on the best protection software!
Spring Offer!
Don't miss this: To your bought 1-year license of Emsisoft Anti-Malware or Emsisoft Internet Security Pack or higher you can now get
a free license of the CyberGhost Anonymizer for free.
Your advantage: Surf anonymously and visit websites that are restricted in your country.
Only a few days left! Order here
