How to Remove DefendAPC | DefendAPC Removal Guide

DefendAPC is the latest variation on the Wini family of rogue antivirus. It is typically promoted via the use of trojans, malware and aggressive advertising. Once installed on the system it will run supposed scans of the system claiming that you have viruses on your system and that you have multiple security vulnerabilities on your system. Both of these claims are typically inaccurate and have been invented. Many times the rogue itself will create files that it then detects during the supposed scans. As you can imagine, this doesn’t do much for it’s credibility…. Read on for how to remove DefendAPC.

In addition to the usual problems you may also see the following messages from this rogue:

German Alert:
Spzprogramm Warnzeichen!
Ihr Computer ist mit Spionprogramm infektioniert. Das kann Ihren Dateien und die im Internet zugänglich machen. Klicken bitte hier, um Ihre Kopie von DefendAPc zu registrieren und Ihr PC von Spyprogramm frei zu machen.

English Alert:
Spyware Alert!
Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of BlockProtector and remove spyware threats from your PC.

French Alert:
Spyware Alerte!
Votre ordinateur est infecté de spyware. Il pourrait endommager vos fichiers critiques ou exposer vos données prives sur ‘Internet. Cliquez ici pour enregistrer votre copie de DefendAPc et enléver des menaces spyware de votre OP.

Italian Alert:
Spyware miniaccia!
Il suo computer è infetto di spyware. Puo dannegiare i suoi files criticali rivelare i suoi dati personali nell’Internet. Clicca qui per registrare la sua coppia di DefendAPc e rimouvere le minacce di spyware dal suo computer.

First you should really try to visit the control panel and the add/remove programs area to see if it’s possible to uninstall defendapc. With many rogues this may not be possible, but it is worth trying as your first line of defense against software that you do not want on your system. If it works, I would still follow up with a scan using a trusted malware removal tool such as malwarebytes antimalware or superantispyware and then continue to scan with an antivirus application that is also reputable. (AVG/mcafee/norton/etc.)

This particular rogue may also include a rootkit named TDL3 in it’s install on your system. This will make cleanup a bit more challenging. The people over at bleeping computer have a forum post with more details on advanced removals. In fact, they have a very helpful forum for most any malware removal. I highly recommend it if you get stuck.

You may download malwarebytes from a link on the virus removal toolkit page. While there you may also wish to download process explorer. After it is downloaded go ahead and try to install malwarebytes on your system.

If you are unable to install malwarebytes antimalware you may try the following: 1) rename the installer from mbam-setup.exe to something like iexplore.exe and retry launching it. 2) reboot into safe mode with networking and retry the install. 3) follow the next step which involves killing off the running processes associated with defendapc and then retry the install.

The following processes are associated with defendapc and should be killed off using the task manager. If task manager will not launch you may try the following: 1) copy and paste the task manager executable (taskmgr.exe) to the desktop and then rename it to something like firefox.exe 2) reboot into safe mode with networking and see if the listed applications are running (if not continue with your removal in safe mode.) 3) use process explorer instead of task manager to kill off the following:


The above filenames include files that are created with a random name. Please use the information and locations listed below plus what you see on your system to help you decide which processes need to be terminated. The filenames below also include randomly created filenames.

The following files should be deleted to manually remove defendapc from your computer:

%docs%All UsersDesktopDefendAPc.lnk
%docs%All UsersStart MenuProgramsDefendAPc
%docs%All UsersStart MenuProgramsDefendAPc1 DefendAPc.lnk
%docs%All UsersStart MenuProgramsDefendAPc2 Homepage.lnk
%docs%All UsersStart MenuProgramsDefendAPc3 Uninstall.lnk
%progfiles%DefendAPc Software
%progfiles%DefendAPc SoftwareDefendAPc
%progfiles%DefendAPc SoftwareDefendAPcDefendAPc.exe
%progfiles%DefendAPc SoftwareDefendAPcmain_config.xml
%progfiles%DefendAPc SoftwareDefendAPcuninstall.exe

After you have completed a manual removal of defendapc you should follow up with a malware removal tool such as superantispyware or malwarebytes antimalware. Then use a trusted, reputable antivirus application (or online scanner) to make one more pass over the computer to make certain that it’s clean.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove ShieldSafeness | ShieldSafeness Removal Guide The Wini family of rogue antivirus software has given us yet another version in the last couple days... ShieldSafeness. This is quick on the heels of SoftStronghold (softstronghold removal guide) and succeeds the following variants in this prolific family.... Softveteran (see the softveteran removal guide) but.... SoftCop (see the SoftCop......
  • How to Remove TrustFighter | Trust Fighter Removal Guide TrustFighter sports a very familiar face, but a different name. Trustfighter is a rogue security application that is in the long line of similar applications such as TrustSoldier (TrustSoldier removal guide) and the following others... SafeFighter (Safefighter Removal), TrustCop (TrustCop Removal Guide), SecureWarrior (SecureWarrior Removal), SecurityFighter (SecurityFighter Removal), SecuritySoldier (SecuritySoldier......
  • How to Remove AntiAid | AntiAid Removal Guide AntiAid is a rogue antivirus/security program that is from the Wini family of Rogues. This is a bit of a departure from much of the long recent history of these rogues due to a new user interface. This rogue (and it's family) is usually advertised (pushed would be a better......
Blog Traffic Exchange Related Websites
  • Why We Have To Switch To Cloud Web Host: Why we must switch to Cloud Web host: Cloud hosting as explained in Wikipedia is a service that does not need knowledge among the consumers, we might not really know it, but we are actually enjoying the benefits of cloud hosting as Google searches are running within a cloud of......
  • Door Installation Instructions for Knocked-Down Pre-Hung Doors Doors are something in our homes that we often take for granted. On the surface they are fairly simple, but as with most things in the home they’re a lot more difficult to deal with when you’re doing it yourself. Below you’ll find some door installation instructions to help you......
  • How to File Your Taxes for a Recent Graduate This post is part of a three post series which walks a recent graduate through filling out their W-4 and filing their taxes. After these three posts, recent grads should be squared away with Uncle Sam come April. Post 1: How To Fill Out A W-4 For A Recent Graduate......    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

Comments are closed.

Switch to our mobile site