DefendAPC is the latest variation on the Wini family of rogue antivirus. It is typically promoted via the use of trojans, malware and aggressive advertising. Once installed on the system it will run supposed scans of the system claiming that you have viruses on your system and that you have multiple security vulnerabilities on your system. Both of these claims are typically inaccurate and have been invented. Many times the rogue itself will create files that it then detects during the supposed scans. As you can imagine, this doesn’t do much for it’s credibility…. Read on for how to remove DefendAPC.
In addition to the usual problems you may also see the following messages from this rogue:
Ihr Computer ist mit Spionprogramm infektioniert. Das kann Ihren Dateien und die im Internet zugänglich machen. Klicken bitte hier, um Ihre Kopie von DefendAPc zu registrieren und Ihr PC von Spyprogramm frei zu machen.
Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of BlockProtector and remove spyware threats from your PC.
Votre ordinateur est infecté de spyware. Il pourrait endommager vos fichiers critiques ou exposer vos données prives sur ‘Internet. Cliquez ici pour enregistrer votre copie de DefendAPc et enléver des menaces spyware de votre OP.
Il suo computer è infetto di spyware. Puo dannegiare i suoi files criticali rivelare i suoi dati personali nell’Internet. Clicca qui per registrare la sua coppia di DefendAPc e rimouvere le minacce di spyware dal suo computer.
First you should really try to visit the control panel and the add/remove programs area to see if it’s possible to uninstall defendapc. With many rogues this may not be possible, but it is worth trying as your first line of defense against software that you do not want on your system. If it works, I would still follow up with a scan using a trusted malware removal tool such as malwarebytes antimalware or superantispyware and then continue to scan with an antivirus application that is also reputable. (AVG/mcafee/norton/etc.)
This particular rogue may also include a rootkit named TDL3 in it’s install on your system. This will make cleanup a bit more challenging. The people over at bleeping computer have a forum post with more details on advanced removals. In fact, they have a very helpful forum for most any malware removal. I highly recommend it if you get stuck.
You may download malwarebytes from a link on the virus removal toolkit page. While there you may also wish to download process explorer. After it is downloaded go ahead and try to install malwarebytes on your system.
If you are unable to install malwarebytes antimalware you may try the following: 1) rename the installer from mbam-setup.exe to something like iexplore.exe and retry launching it. 2) reboot into safe mode with networking and retry the install. 3) follow the next step which involves killing off the running processes associated with defendapc and then retry the install.
The following processes are associated with defendapc and should be killed off using the task manager. If task manager will not launch you may try the following: 1) copy and paste the task manager executable (taskmgr.exe) to the desktop and then rename it to something like firefox.exe 2) reboot into safe mode with networking and see if the listed applications are running (if not continue with your removal in safe mode.) 3) use process explorer instead of task manager to kill off the following:
The above filenames include files that are created with a random name. Please use the information and locations listed below plus what you see on your system to help you decide which processes need to be terminated. The filenames below also include randomly created filenames.
The following files should be deleted to manually remove defendapc from your computer:
%docs%All UsersStart MenuProgramsDefendAPc
%docs%All UsersStart MenuProgramsDefendAPc1 DefendAPc.lnk
%docs%All UsersStart MenuProgramsDefendAPc2 Homepage.lnk
%docs%All UsersStart MenuProgramsDefendAPc3 Uninstall.lnk
After you have completed a manual removal of defendapc you should follow up with a malware removal tool such as superantispyware or malwarebytes antimalware. Then use a trusted, reputable antivirus application (or online scanner) to make one more pass over the computer to make certain that it’s clean.
Related PostsRelated Posts
- How to Remove SysDefence | Sysdefence Removal Guide Sysdefence is another rogue antivirus application from the wini family. This family of rogues has been quite prolific lately and typically is pushed on computer users through aggressive trojans that will appear on web pages masquerading as an update for flash player or a video codec for a video that......
- How to Remove AntiAid | AntiAid Removal Guide AntiAid is a rogue antivirus/security program that is from the Wini family of Rogues. This is a bit of a departure from much of the long recent history of these rogues due to a new user interface. This rogue (and it's family) is usually advertised (pushed would be a better......
- How to Remove TheDefend | TheDefend Removal Guide TheDefend is a rogue antivirus program that is one of the latest incarnations of the wini family of rogues. It will introduce itself onto your system through aggressive advertising claiming to be a video codec update or flash player update that may be required to see a highly sought after......
- Door Installation Instructions for Knocked-Down Pre-Hung Doors Doors are something in our homes that we often take for granted. On the surface they are fairly simple, but as with most things in the home they’re a lot more difficult to deal with when you’re doing it yourself. Below you’ll find some door installation instructions to help you......
- How to Remove Antivirus 2009, Spyware Guard 2008 and Other Malware My wife, kids, and I spent this past Christmas at my parents' house. It wasn't long after we arrived before I gravitated to their computer to check my email, read the news, check the stock market, etc. Much to my dismay, I found a barrage of malware, spyware, and......
- How to Keep Your Job - Rule 1 Edition If what I am reading or hearing is any indication, just about anyone who is receiving a paycheck in this economy is worried about how long that paycheck delivery will last. More to the point, they are concerned that the next knock on the door will be a grim reaper-style......
- How to Remove ReAnti | ReAnti Removal Guide
- How to Remove TrustSoldier | Trust Soldier Removal Guide
- How to Remove ShieldSafeness | ShieldSafeness Removal Guide
- How to Remove SecurityFighter | Security Fighter Removal
- How to Remove IGuardPC | IGuardPC Removal Guide