How to Remove DefendAPC | DefendAPC Removal Guide



DefendAPC is the latest variation on the Wini family of rogue antivirus. It is typically promoted via the use of trojans, malware and aggressive advertising. Once installed on the system it will run supposed scans of the system claiming that you have viruses on your system and that you have multiple security vulnerabilities on your system. Both of these claims are typically inaccurate and have been invented. Many times the rogue itself will create files that it then detects during the supposed scans. As you can imagine, this doesn’t do much for it’s credibility…. Read on for how to remove DefendAPC.


In addition to the usual problems you may also see the following messages from this rogue:

German Alert:
Spzprogramm Warnzeichen!
Ihr Computer ist mit Spionprogramm infektioniert. Das kann Ihren Dateien und die im Internet zugänglich machen. Klicken bitte hier, um Ihre Kopie von DefendAPc zu registrieren und Ihr PC von Spyprogramm frei zu machen.

English Alert:
Spyware Alert!
Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of BlockProtector and remove spyware threats from your PC.

French Alert:
Spyware Alerte!
Votre ordinateur est infecté de spyware. Il pourrait endommager vos fichiers critiques ou exposer vos données prives sur ‘Internet. Cliquez ici pour enregistrer votre copie de DefendAPc et enléver des menaces spyware de votre OP.

Italian Alert:
Spyware miniaccia!
Il suo computer è infetto di spyware. Puo dannegiare i suoi files criticali rivelare i suoi dati personali nell’Internet. Clicca qui per registrare la sua coppia di DefendAPc e rimouvere le minacce di spyware dal suo computer.

First you should really try to visit the control panel and the add/remove programs area to see if it’s possible to uninstall defendapc. With many rogues this may not be possible, but it is worth trying as your first line of defense against software that you do not want on your system. If it works, I would still follow up with a scan using a trusted malware removal tool such as malwarebytes antimalware or superantispyware and then continue to scan with an antivirus application that is also reputable. (AVG/mcafee/norton/etc.)

This particular rogue may also include a rootkit named TDL3 in it’s install on your system. This will make cleanup a bit more challenging. The people over at bleeping computer have a forum post with more details on advanced removals. In fact, they have a very helpful forum for most any malware removal. I highly recommend it if you get stuck.

You may download malwarebytes from a link on the virus removal toolkit page. While there you may also wish to download process explorer. After it is downloaded go ahead and try to install malwarebytes on your system.

If you are unable to install malwarebytes antimalware you may try the following: 1) rename the installer from mbam-setup.exe to something like iexplore.exe and retry launching it. 2) reboot into safe mode with networking and retry the install. 3) follow the next step which involves killing off the running processes associated with defendapc and then retry the install.

The following processes are associated with defendapc and should be killed off using the task manager. If task manager will not launch you may try the following: 1) copy and paste the task manager executable (taskmgr.exe) to the desktop and then rename it to something like firefox.exe 2) reboot into safe mode with networking and see if the listed applications are running (if not continue with your removal in safe mode.) 3) use process explorer instead of task manager to kill off the following:

DefendAPC.exe
Uninstall.exe
RANDOM.exe

The above filenames include files that are created with a random name. Please use the information and locations listed below plus what you see on your system to help you decide which processes need to be terminated. The filenames below also include randomly created filenames.

The following files should be deleted to manually remove defendapc from your computer:

%docs%All UsersDesktopDefendAPc.lnk
%docs%All UsersStart MenuProgramsDefendAPc
%docs%All UsersStart MenuProgramsDefendAPc1 DefendAPc.lnk
%docs%All UsersStart MenuProgramsDefendAPc2 Homepage.lnk
%docs%All UsersStart MenuProgramsDefendAPc3 Uninstall.lnk
%progfiles%DefendAPc Software
%progfiles%DefendAPc SoftwareDefendAPc
%progfiles%DefendAPc SoftwareDefendAPcDefendAPc.exe
%progfiles%DefendAPc SoftwareDefendAPcmain_config.xml
%progfiles%DefendAPc SoftwareDefendAPcuninstall.exe
%tmp%RANDOM.exe
%win%1037s5zal9614.cpl
%win%10z2backdo9591.ocx
%win%10z795roj498.bin
%win%system3260c09ackzoor5949.bin
%win%system32610559rmz3.cpl
%win%system32RANDOM.exe

After you have completed a manual removal of defendapc you should follow up with a malware removal tool such as superantispyware or malwarebytes antimalware. Then use a trusted, reputable antivirus application (or online scanner) to make one more pass over the computer to make certain that it’s clean.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove TrustFighter | Trust Fighter Removal Guide TrustFighter sports a very familiar face, but a different name. Trustfighter is a rogue security application that is in the long line of similar applications such as TrustSoldier (TrustSoldier removal guide) and the following others... SafeFighter (Safefighter Removal), TrustCop (TrustCop Removal Guide), SecureWarrior (SecureWarrior Removal), SecurityFighter (SecurityFighter Removal), SecuritySoldier (SecuritySoldier......
  • How to Remove GreatDefender | GreatDefender Removal Guide GreatDefender is a rogue antivirus application from the winisoft family. It is installed onto a system through the use of trojans and other malware which should give you an indication that it is not something that you want on your system. (It's usually a bad sign when you don't know......
  • How to Remove ShieldSafeness | ShieldSafeness Removal Guide The Wini family of rogue antivirus software has given us yet another version in the last couple days... ShieldSafeness. This is quick on the heels of SoftStronghold (softstronghold removal guide) and succeeds the following variants in this prolific family.... Softveteran (see the softveteran removal guide) but.... SoftCop (see the SoftCop......
Blog Traffic Exchange Related Websites
  • Combating Computer Espionage Combating Computer EspionageCombating Computer Espionage In some cases, spies as well as covert operations are found in war grounds or politically tense regions. Now in spite of everything, you can find spies in addition to covert operations running undetected within your personal computer system as you use your computer along......
  • How to File Your Taxes for a Recent Graduate This post is part of a three post series which walks a recent graduate through filling out their W-4 and filing their taxes. After these three posts, recent grads should be squared away with Uncle Sam come April. Post 1: How To Fill Out A W-4 For A Recent Graduate......
  • How to Remove Antivirus 2009, Spyware Guard 2008 and Other Malware My wife, kids, and I spent this past Christmas at my parents' house. It wasn't long after we arrived before I gravitated to their computer to check my email, read the news, check the stock market, etc. Much to my dismay, I found a barrage of malware, spyware, and......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site