Sysdefence is another rogue antivirus application from the wini family. This family of rogues has been quite prolific lately and typically is pushed on computer users through aggressive trojans that will appear on web pages masquerading as an update for flash player or a video codec for a video that may be well sought after. Once the user consents to installing this “update” or “codec” the trojan will then continue on to install sysdefence and complain about security alerts on the computer. It will complain about virus infected files and other security problems (all bogus claims) and will further say that it cannot repair these problems unless you purchase their software. Read on for how to remove SysDefence.
First you should go to the control panel and use the add/remove programs feature to attempt to uninstall sysdefence. If it works, that is great and this will be easier. Follow up now with a full scan of your computer with a malware removal tool such as superantispyware or malwarebytes antimwalware. Then do a full scan with a reputable antivirus such as trendmicro’s online housecall scan or avg/avira/fprot, etc.
You can find a download link for malwarebytes antimalware on my virus removal toolkit page. While you are there you may also wish to download process explorer as it is a useful tool and you may need it further in this removal process.
If you are unable to install malwarebytes or your chosen malware removal tool you may try the following tricks to get it installed on your system. 1) rename the installer file from mbam-setup.exe to something like firefox.exe, then retry installing, update and scan. 2) reboot into safe mode (with networking) and retry the install (possibly using trick 1 as well. 3) kill off the processes associated with the sysdefence rogue which is the next step of a manual removal and then retry the install of your malware removal tool, update and scan.
The following processes are associated with this rogue and should be killed off using the task manager. If you cannot launch the task manager you may try the following tricks. 1) copy the task manager executable (taskmgr.exe) to the desktop and then try to rename it to something like iexplore.exe and then retry launching it. 2) reboot into safe mode and see if the files listed are running (if not go ahead and try to install in safe mode (you’ll need safe mode with networking for an update of your antimalware software.)). 3) Use process explorer instead of task manager to kill off the following applications:
Some of the above and below listed files are created using a RANDOM name when this rogue installs itself on your system. Please use the locations below and the patterns on your system to determine which files to delete or kill off using process explorer or task manager.
The following files should be deleted for a manual removal of sysdefence:
%docs%All UsersStart MenuProgramsSysDefence
%docs%All UsersStart MenuProgramsSysDefence1 SysDefence.lnk
%docs%All UsersStart MenuProgramsSysDefence2 Homepage.lnk
%docs%All UsersStart MenuProgramsSysDefence3 Uninstall.lnk
After you have removed the above files you will have completed most of a manual removal of sysdefence and should follow up with scans using malware removal tools such as superantispyware or malwarebytes antimalware. Follow that up with a full scan with a reputable antivirus such as norton, trendmicro, avg, avira or other well known, reputable programs.
Related PostsRelated Posts
- How to Remove AntiAid | AntiAid Removal Guide AntiAid is a rogue antivirus/security program that is from the Wini family of Rogues. This is a bit of a departure from much of the long recent history of these rogues due to a new user interface. This rogue (and it's family) is usually advertised (pushed would be a better......
- How to Remove DefendAPC | DefendAPC Removal Guide DefendAPC is the latest variation on the Wini family of rogue antivirus. It is typically promoted via the use of trojans, malware and aggressive advertising. Once installed on the system it will run supposed scans of the system claiming that you have viruses on your system and that you have......
- How to Remove SiteVillain | SiteVillain Removal Guide SiteVillain is another new rogue security or rogue antivirus program from the Wini family. Like a couple other of the recent rogue applications from the wini group, this one sports their new user interface. Among it's claims of infected files and that the only way to fix them are to......
- Free Success Ebook: “The Law of Success – Lesson Fifteen: Tolerance” by Napoleon Hill "It is, of course, obvious that anything which impedes the progress of civilization stands, also, as a barrier to each individual; and, stating it conversely, anything that beclouds the mind of the individual and retards his mental, moral and spiritual development, retards, also, the progress of civilization . .......
- Remove Spyware: Make your Pc Clean and Safe To find out how effectively you can remove Spyware from your system read it. Spyware are some malicious programs that get installed in your computer through Internet with the help of free offered utility software. These Spyware or the Adware as usually known, install with or without users consent and......
- How to wreck your business credibility and how to avoid it When running a small business your credibility is vital. You spend a lot of time and money building your credibility, reputation and integrity within your chosen market. So if I told you all that hard work could be completely destroyed, just by you failing to do something simple, would......
- How to Remove Malware Professional 2010 | Malware Professional 2010 Removal Guide
- How to Remove IGuardPC | IGuardPC Removal Guide
- How to Remove AntiTroy | AntiTroy Removal Guide
- How to Remove GreatDefender | GreatDefender Removal Guide
- How to Remove APCProtect | APCProtect Removal Guide