Malware Defense (or malware defence) is a rogue antivirus application that will install itself on your system and then claim that there are many security problems and even viruses on your system. It will claim that it can fix these problems (for a price) and may prevent you from downloading files to your computer from the internet. (It basically sets up web browsing through a proxy so that it can monitor and control all of your internet activity.) You should remove this pest from your computer. Read on for how to remove malware defense.
The best way to remove any pest or annoying software from your computer is to visit the control panel and use the add/remove programs applet and uninstall malware defense from there. Unfortunately this particular piece of malware is a bit more crafty than most others and this method likely will not work. If for some reason it does, count yourself lucky and then follow up with malware removal tools as well as antivirus tools and scans so that you can make certain the system is clean. I would use malwarebytes antimalware and or superantispyware for malware removal and avg/avira/avast or trendmicros housecall for the virus scan, but frankly, just make sure it’s a reputable antivirus product.
You may not be able to download anything to this machine directly if it is infected with this pest. If that’s the case, use another pc to make your downloads of removal tools. Another thing you may wish/need to do on this machine is adjust the internet explorer settings to bypass the proxy that this rogue creates. Go to the internet settings area (tools/internet settings). Then Connections tab, LAN settings and look for the checkbox that says “Use a Proxy server for your LAN”. Uncheck this box to bypass the proxy that this rogue creates.
Also, you may want to proceed and download rkill.com from malwarebytes site as this will kill off the running processes associated with malware defense. Again, this may need to be done using a flash memory stick on another machine.
Rkill is a fairly useful tool, but of course, many rogues will not like to see it running and try to kill it off, or complain that it is an infection of some sort. If you get stuck with one window of rkill, launch it again (and again and again) until there is no malware running. Malwarebytes antimalware will be able to install once these processes are killed off, but you may wish to rename the installer (mbam-setup.exe) to something else such as explorer.exe for instance.
By the way it is very important to NOT reboot after killing off the running processes with rkill. If you do, then the processes will be running when you reboot. INstall, malwarebytes antimalware and update and scan. It is possible that you may get an error when launching it that it is unable to find mbam.exe . *failed code 2*. If this is the case, download the executable from this link. The file name will be randomized. Save it to c:program filesmalwarebytes’ anti-malware and then browse to the folder and run this new randomly named file, then you should be able to update, scan and clean.
If you wish to keep malwarebytes antimalware on your system for future use you may be best off uninstalling and reinstalling after this software is cleaned off.
The following processes are associated with malware defense and should have been killed off by rkill:
The following files and folders are associated with Malware Defense and should be deleted in a full removal of malware defense:
%userprof%DesktopMalware Defense Support.lnk
%userprof%Start MenuProgramsMalware Defense
%userprof%Start MenuProgramsMalware DefenseMalware Defense Support.lnk
%userprof%Start MenuProgramsMalware DefenseMalware Defense.lnk
%userprof%Start MenuProgramsMalware DefenseUninstall Malware Defense.lnk
Due to the nature of this rogue it’s not really practical to do a manual removal of malware defense, but even after you have gone through the automated removal I think you should follow up with other scans until the system is clean. Use malwarebytes antimalware if you like, or superantispyware as another alternative. Also I would follow this with an antivirus scan from a trusted antivirus application such as trendmicros online housecall or avg, avira, avast, mcafee, etc. Scan untill clean.
Related PostsRelated Posts
- How to Remove Additional Guard | Additional Guard Removal Guide Additional Guard is a rogue antivirus application and like many of these it can either be installed with or without the users permission. Even without a person actually wanting it, but simply visiting the wrong web page users may find this program on their system. Once on their system this......
- How to Remove Antivirus PC 2009 | Antivirus PC 2009 Removal Guide Antivirus PC 2009 is a rogue antivirus application that is installed through malware and other nefarious means. Once installed on your system it will complain about security problems on your system. It will scan and claim that there are viruses on your computer. Like most all of these rogue antivirus......
- How to Remove PC Scout | PC Scout Removal Guide PC Scout is another rogue application with a similar look and feel to the Windows Security Center. (It's also apparently a clone of the same family as ActiveSecurity (ActiveSecurity Removal) It likely installs through malware and the use of web popups. Once it's installed on your system it tries to......
- World Wide Web Security Essentials Is Not A Real Spyware Remover. It Resembles The Functions And Looks World wide web Security Essentials is not a real spyware remover. It resembles the functions and looks of genuine spyware removal software but has no capacity to eliminate any virus, trojan or malware. Web Security Essentials is the newest addition to the growing list of rogue Antivirus programs. Internet Security......
- Hunting Decals Hunting decals are one of the little perks of hunting that don't really serve a purpose but can be a great deal of fun. We've all seen trucks going down the road that have more decals on them than paint. While you may not want to go to that extreme,......
- FAQ about computer security Q: The virus blocked the registry access and how to get rid of it?A: You can deal with like this: 1. Click on Start -> Run (or Start Search in Windows Vista). 2. Enter GPEdit.msc and then press Enter. 3. Navigate to the following location: User Configuration -> Administrative Templates......
- How to Remove Antivirus PC 2009 | Antivirus PC 2009 Removal Guide
- How to Remove Win Security 360 | Win Security 360 Removal Guide
- How to Remove Data Doctor 2010 | Data Doctor 2010 Removal Guide
- Remove Personal Guard 2009 | Personal Guard 2009 Removal
- Remove Total Security 2009 | TotalSecurity 2009 Removal