Sysdefence is another rogue antivirus application from the wini family. This family of rogues has been quite prolific lately and typically is pushed on computer users through aggressive trojans that will appear on web pages masquerading as an update for flash player or a video codec for a video that may be well sought after. Once the user consents to installing this “update” or “codec” the trojan will then continue on to install sysdefence and complain about security alerts on the computer. It will complain about virus infected files and other security problems (all bogus claims) and will further say that it cannot repair these problems unless you purchase their software. Read on for how to remove SysDefence.
First you should go to the control panel and use the add/remove programs feature to attempt to uninstall sysdefence. If it works, that is great and this will be easier. Follow up now with a full scan of your computer with a malware removal tool such as superantispyware or malwarebytes antimwalware. Then do a full scan with a reputable antivirus such as trendmicro’s online housecall scan or avg/avira/fprot, etc.
You can find a download link for malwarebytes antimalware on my virus removal toolkit page. While you are there you may also wish to download process explorer as it is a useful tool and you may need it further in this removal process.
If you are unable to install malwarebytes or your chosen malware removal tool you may try the following tricks to get it installed on your system. 1) rename the installer file from mbam-setup.exe to something like firefox.exe, then retry installing, update and scan. 2) reboot into safe mode (with networking) and retry the install (possibly using trick 1 as well. 3) kill off the processes associated with the sysdefence rogue which is the next step of a manual removal and then retry the install of your malware removal tool, update and scan.
The following processes are associated with this rogue and should be killed off using the task manager. If you cannot launch the task manager you may try the following tricks. 1) copy the task manager executable (taskmgr.exe) to the desktop and then try to rename it to something like iexplore.exe and then retry launching it. 2) reboot into safe mode and see if the files listed are running (if not go ahead and try to install in safe mode (you’ll need safe mode with networking for an update of your antimalware software.)). 3) Use process explorer instead of task manager to kill off the following applications:
Some of the above and below listed files are created using a RANDOM name when this rogue installs itself on your system. Please use the locations below and the patterns on your system to determine which files to delete or kill off using process explorer or task manager.
The following files should be deleted for a manual removal of sysdefence:
%docs%All UsersStart MenuProgramsSysDefence
%docs%All UsersStart MenuProgramsSysDefence1 SysDefence.lnk
%docs%All UsersStart MenuProgramsSysDefence2 Homepage.lnk
%docs%All UsersStart MenuProgramsSysDefence3 Uninstall.lnk
After you have removed the above files you will have completed most of a manual removal of sysdefence and should follow up with scans using malware removal tools such as superantispyware or malwarebytes antimalware. Follow that up with a full scan with a reputable antivirus such as norton, trendmicro, avg, avira or other well known, reputable programs.
Related PostsRelated Posts
- How to Remove Desktop Defender 2010 | Removal Guide Desktop Defender 2010 is a rogue antivirus program. It will prompt you with popups complaining about various problems that it claim your system has as well as scanning your computer and consistently finding some files to complain about. It also claims that it cannot fix the problems with your system......
- How to Remove Internet Security 2010 | Internet Security 2010 Removal Guide Internet Security 2010 is the name of a rogue antivirus application that is one of the more recent to be making the rounds. It will typically install itself on your system through the use of other malware. These rogue antivirus applications typically will pop up warnings and alerts about the......
- How to Remove AntiAid | AntiAid Removal Guide AntiAid is a rogue antivirus/security program that is from the Wini family of Rogues. This is a bit of a departure from much of the long recent history of these rogues due to a new user interface. This rogue (and it's family) is usually advertised (pushed would be a better......
- Google software bug shared private online documents Google has confirmed that a software bug exposed documents thought to be privately stored in the Internet giant's online Docs application service. The problem was fixed by the weekend and is believed to have affected only .05 percent of the digital documents at a Google Docs service that provides text-handling......
- Must Have Blogging Tools Blogging has developed a serious place for itself in the internet community for many different purposes including personal use and business uses. As a result, it has evolved into becoming a truly essential tool for people who want to build communications, deliver up to date news and information and otherwise......
- Spyware Elimination - How To Get Best Software To Remove Worst Spyware As soon as you go home you find a flyer on the porch. The exact set of shoes in the store was seen on the flyer. So the question here unanswered is how did they come to know? Is it a matter of coincidence? No, this is because of software......
- How to Remove Malware Professional 2010 | Malware Professional 2010 Removal Guide
- How to Remove IGuardPC | IGuardPC Removal Guide
- How to Remove AntiTroy | AntiTroy Removal Guide
- How to Remove GreatDefender | GreatDefender Removal Guide
- How to Remove APCProtect | APCProtect Removal Guide