1 of 5
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer

BitDefender 2011

Developers of rogue security tools will go to any lengths to fool their victims – even by falsely associating themselves with legitimate security tools as in the base of BitDefender 2011. This insidious rogue antispyware application should not be mistaken for or compared to the genuine BitDefender security suite. This rogue enters the system surreptitiously through a variety of ways, but however it decides to reveal itself it is important to know that it is a worthless and fake security tool.

BitDefender 2011 makes use of various established forms of infiltration, the most popular being using websites which pretend to be online malware scanners. These fake scanners will perform bogus system scans of the targeted PC and inform the user that his system is being crippled by various fake security threats. It will prompt the user to download BitDefender 2011 to get rid of the supposed threats and protect the PC against future similar attacks. Another popular avenue used by BitDefender 2011 to target its prospective victims’ PCs is the use of annoying browser hijackers. These websites forcefully redirect users to its compromised landing pages, where it uses drive-by download tactics to root the BitDefender 2011 infection into the unsuspecting PCs.

Download Spyware Removal Tool to Remove* BitDefender 2011
  • Quick & tested solution for BitDefender 2011 removal.
  • 100% Free Scan for Windows

Once BitDefender 2011 firmly roots itself in the host PC, it is configured to start automatically when Windows boots up. Once the rogue launches it will initiate an unwarranted system scan and report on numerous fake security threats, such as Keylogger.iSnake.Pro and Backdoor.Poison.BQA. It will also state that it is able to remove the reported threats, such as Keylogger.iSnake.Pro and Backdoor.Poison.BQA, but that the user has to purchase it first. Its various features such as “Anti-Virus”, “Anti-Spyware”, and “Resident Shield” are listed on the interface as Trial Mode, with a link to purchase and activate a license for the useless software.

As part of its attack on the system and in an effort to convince its victim that there are real threats on the PC, BitDefender 2011 displays various fake security messages. These falsely generated notifications should be disregarded and never be acted upon. Some of the most popular fake security alerts generated by BitDefender 2011 include the following:

"Warning!
Virtumonde is an adware program that tends to monitor your Internet browsing habits and may display targeted advertisements onto your computer screen. Virtumonde may also create a malicious DLL file in order to log your keystrokes and send the recorded information to a third party website. Virtumonde is an unwanted application and recommended to be removed."

"Warning! Identity theft attempt detected!
Attacker IP:
Attack Target: Microsoft Corp. Keys
Description: Remote host tries to get access to your personal information."

""Warning! New virus detected!
Threat Detected: Keylogger.iSnake.Pro
Infected File: C:\WINDOWS\system32\asr_ldm.exe"

"About Internet Explorer Emergency Mode
Your PC is infected with malicious software and browse couldn't be launched
You may use Internet Explorer in Emergency mode - internal service browser of Microsoft Windows system with limited usability.
Notice: Some sites refuse connection with Internet Explorer in Emergency Mode. In such case system warning page will be showed to you."

"Warning! Active Virus Detected!
Threat Detected: Backdoor.Poison.BQA
Infected file:
Action taken: Application Blocked
Description: This backdoor arrives as attachment to email messages spammed by another malware or malicious user. This is a backdoor component of the Darkmoon RAT (Remote Administration Tool), via this backdoor hackers attempt to control your PC."

If you are looking for a way to 'activate' BitDefender 2011 on your system in order to help with its removal, then simply paste the following activation key into BitDefender 2011:

BKI14-HJP10-IKO78-OBK894-XYL77

Do not think that by merely having entered the above activation key that you have successfully neutralized the threat on the system, as you still need to eradicate BitDefender 2011 in order to restore your PC's safety and security.

When all is said and done you will only be able to regain control of your PC should you immediately get rid of BitDefender 2011. This rogue was not designed to protect your PC against any type of threat or infection, but only to rip you off. Invest in a genuine security tool which will not only destroy BitDefender 2011 but also offer adequate future protection.

Download Spyware Removal Tool to Remove* BitDefender 2011
  • Quick & tested solution for BitDefender 2011 removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove BitDefender 2011

Files associated with BitDefender 2011 infection:

%Temp%\srvED4.tmp
%Temp%\srvED4.ini
%UserProfile%\Desktop\BitDefender 2011.lnk
%AllUsersProfile%\Start Menu\BitDefender 2011\Uninstall.lnk
c:\Documents and Settings\All Users\Start Menu\BitDefender 2011\BitDefender 2011.lnk
c:\Documents and Settings\All Users\Start Menu\BitDefender 2011\
c:\Program Files\BitDefender 2011\bitdefender.exe
c:\Program Files\BitDefender 2011\

BitDefender 2011 processes to kill:

c:\Program Files\BitDefender 2011\bitdefender.exe

Remove BitDefender 2011 registry entries:

HKEY_CURRENT_USER\Software\EVAEC2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "BitDefender 2011" = 'C:\Program Files\BitDefender 2011\bitdefender.exe'
HKEY_CURRENT_USER\Software\MonEC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "WinNT-EVI 21.04.2011"
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = '0'
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.