Personal Defender 2009

Personal Defender 2009 is a bogus security program for Windows system. It will attempt to persuade users into obtaining the registered version by providing fake scan results on victim’s computer. This fake anti-virus software comes from a large group of malicious applications that has created various variants of it.

Personal Defender 2009 is just a mimic of the other versions and only obvious change is its name. Graphical user interface and method of propagation remains the same. Usually, users can acquire Personal Defender 2009 from web sites that disguise either online virus scanner or one that offers free videos. As for fake online scanner sites, it will automatically run a scan on visitor’s machine. Several threats will be identified on the said scan and prompt user to download Personal Defender 2009 as a cleaner. While on bogus video sites, user will receive prompt stating that multimedia player is required to view online movies.

Innocent users may think that the endorsed program will help remove a threat that is why so many have fallen into the trick of Personal Defender 2009. Right after it is installed; it will carry another local scan on the computer and detects dozens of threats. An advice to remove these infections follows but can only be performed if the licensed version of Personal Defender 2009 is purchased. Users will be brought to an online payment web site where credit card account is needed to complete the transaction.

Personal Defender 2009

More Rogue Program Details

Notable files associated with Personal Defender 2009:

c:Program FilesPersonal Defender 2009dbbase.div
c:Program FilesPersonal Defender 2009pdefendr.exe
%UserProfile%Desktopsccmsk.dll
%UserProfile%Local SettingsTempikbmqvex.exe
c:Documents and Settings[User]Start MenuPersonal Defender 2009.lnk
c:Documents and Settings[User]Start MenuProgramsPersonal Defender 2009Personal Defender 2009.lnk

Signs and Symptoms of Personal Defender 2009 Infection:

Browser is redirected to Personal Defender 2009 web sites
Rogue program is coupled with web site that promotes the full version of it. Also, the same web sites are used for online payment if user has fallen into the trap of this malware.

Exhibits fake pop-ups and security alert
In order to deceive computer users, Personal Defender 2009 will exhibit a bunch of fake security alerts and warning messages. It also intends to promote the malware as the sole remover for identified threats.

Personal Defender 2009 will detect errors and threats that do not exists
Every rogue programs are made to mislead computer users. Thus, expect that Personal Defender 2009 will show scan result that is full of errors and threats. This result is fictitious and you should not follow its recommendation.

Other Functions of Personal Defender 2009:

  • Personal Defender 2009 may come with another Trojan or virus
  • It can contact a remote server in order to download more malware
  • This threat will drop malicious files and make changes to the system registry
  • Personal Defender 2009 can steal credit card information when you pay for it online
  • The threat can redirect search result link to a malicious web page

How to Remove Personal Defender 2009

1. Download Malwarebytes' Anti-Malware from this link and save it on your Desktop.
2. After downloading, double-click on mbam-setup.exe to install the application.
3. Follow the prompts and install as default only.

4. Before the installation completes, check on the following prompts:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware

5. Click Finish. Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished click on the Show Results button.
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart your computer.

Note: Some malware may prevent mbam-setup.exe from downloading and running. You can download and rename this program from a different computer before running it on infected system.

8 Comments

  1. Jonas

    Thank you, this is just what has happened to me! -This annoying little pop-up warning me for a high-risk trojan which will steel my personal passwords and other stuff.

    I’m a rookie, so I almost believed it and I was just about to download Personal Defender 2009 when I got alittle suspicious. -Lucky me :)

    So, thank you!

  2. jordan

    hey thank you for the fix for this. I new it wasn’t windows when you read that message and they misspelled “your computer” and put “tour computer” i knew windows wouldn’t put out anything that was misspelled. Also it took down my firewall when i first saw the message then windows security (the real one) poped up to tell me that my firewall was turned off. Thanks again for the fix

  3. marge

    i have the trojan but didnt download personal defender 2009. what can i do to remove it?

  4. Pete

    Hey, thanks.

    When i try to set up Malware the installation stop and freeze, so I can not complete the installation, and remove the virus. :(

    Anyone can help?

  5. Tony

    I downloaded it but then uninstalled it, it went away with absolutely no trouble and I see no remnants of it on my computer. But it must have already infected me because AVG is saying I’ve got a high risk keylogger, after scanning, it says there are changing to a bunch of system32 garbage, my malware won’t open, all legit antivirus sites are firewalled automatically for some reason, and I keep getting this “Enable protection” pop up.

    I’ve tried what you suggested but nothing will execute. The program refuses to run, like all my other spyware.

  6. jojo

    I suspect that Malwarebytes’ Anti-Malware (mbam-setup.exe) – may be the REAL FAKE.

    None of these companies can be trusted.

    Also … could you people learn to spell!? What has happend to this country’s very very basic education program!?

  7. jojo

    … sorry .. mis-spelled “happened”!

  8. geekapolluza

    I discovered a new variant tonight on a friend’s machine. Looking in the registry, it referred to an apparently random directory name in the user profile. The EXE also appeared to have a short random alphabetic name. Malwarebytes said it removed it, but it came right back on the next reboot. I dug into the registry and ripped out the keys, and found and deleted the files.

    After removing it and rebooting, the infection appeared to be gone, but IE wouldn’t display any web pages, although the internet would connect and there was data traffic. The reason it wouldn’t display any web pages was that the browser connection settings had been modified to point to a proxy server at 127.0.0.1, which I believe means that a web server had been installed on the computer and was intended to act as a proxy for all web pages, possibly scanning them for important information such as userid’s and passwords and then sending that information to a remote recipient. I don’t know if the web server was installed to a different location from the Personal Defender EXE; it is possible that it was, because I could see traffic even though there were no programs that I knew of that were using the web, even in the background. Possibly the configuration was faulty and the web server didn’t function properly, and this is why I noticed it. I believe that IF it functioned correctly, then I would have believed the infection was gone, while a very insidious part of it remained, silently siphoning off userid’s and passwords for websites.

    After you have cleaned up the infection, be sure to check your browser’s connection settings and verify that it does not point to a proxy server at 127.0.0.1.

    To clear up this part of the infection I used a system restore point to two days prior.

    Good luck with particularly nasty infection.

Comments are closed.