Registry Defender
Registry Defender purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with intrusive, deceptive warnings and/or false, misleading scan
results.
General information:
| Malware Name: |
Registry Defender |
| Malware Type: |
Rogue Security Program |
| Company Name: |
Registry Defender |
| Company URL: |
http://www.registrydefender.com/
|
| Threat Level: |
Moderate Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
Registry Defender provides us the rogue security program that has a Backup and Restore feature that takes a complete backup of the registry before cleaning and fixing any registry errors, thereby giving us easy access to restore the original entries
safely and securely if needed. It uses advanced techniques for repairing the registry. It a safe bet to optimize our systems performance like no other program.
Spyware Description:
Registry Defender purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with intrusive, deceptive warnings and/or false, misleading scan
results.
Characteristics/Symptoms:
-> False positives work as good to purchase -> False scan results -> Uses inadequate scan/detection scheme0
Additional information might be found here:
Processes Running:
RegistryDefender.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\Registry Defender\RegistryDefender.exe |
679936 |
Application |
| C:\Program Files\Registry Defender\install.sss |
644 |
SSS File |
| C:\Program Files\Registry Defender\mscomctl.ocx |
1077336 |
ActiveX Control |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Registry Defender |
| C:\Program Files\Registry Defender\backup |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
SoftwareVB and VBA Program SettingsRegistry Defenderinfo |
reg_6 |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstall{0D987FB6-2CB1-4189-B6A1-5E8185E9A899} |
SilentSettings |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstall{0D987FB6-2CB1-4189-B6A1-5E8185E9A899} |
UninstallString |
