DefendAPC is the latest variation on the Wini family of rogue antivirus. It is typically promoted via the use of trojans, malware and aggressive advertising. Once installed on the system it will run supposed scans of the system claiming that you have viruses on your system and that you have multiple security vulnerabilities on your system. Both of these claims are typically inaccurate and have been invented. Many times the rogue itself will create files that it then detects during the supposed scans. As you can imagine, this doesn’t do much for it’s credibility…. Read on for how to remove DefendAPC.
In addition to the usual problems you may also see the following messages from this rogue:
Ihr Computer ist mit Spionprogramm infektioniert. Das kann Ihren Dateien und die im Internet zugänglich machen. Klicken bitte hier, um Ihre Kopie von DefendAPc zu registrieren und Ihr PC von Spyprogramm frei zu machen.
Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of BlockProtector and remove spyware threats from your PC.
Votre ordinateur est infecté de spyware. Il pourrait endommager vos fichiers critiques ou exposer vos données prives sur ‘Internet. Cliquez ici pour enregistrer votre copie de DefendAPc et enléver des menaces spyware de votre OP.
Il suo computer è infetto di spyware. Puo dannegiare i suoi files criticali rivelare i suoi dati personali nell’Internet. Clicca qui per registrare la sua coppia di DefendAPc e rimouvere le minacce di spyware dal suo computer.
First you should really try to visit the control panel and the add/remove programs area to see if it’s possible to uninstall defendapc. With many rogues this may not be possible, but it is worth trying as your first line of defense against software that you do not want on your system. If it works, I would still follow up with a scan using a trusted malware removal tool such as malwarebytes antimalware or superantispyware and then continue to scan with an antivirus application that is also reputable. (AVG/mcafee/norton/etc.)
This particular rogue may also include a rootkit named TDL3 in it’s install on your system. This will make cleanup a bit more challenging. The people over at bleeping computer have a forum post with more details on advanced removals. In fact, they have a very helpful forum for most any malware removal. I highly recommend it if you get stuck.
You may download malwarebytes from a link on the virus removal toolkit page. While there you may also wish to download process explorer. After it is downloaded go ahead and try to install malwarebytes on your system.
If you are unable to install malwarebytes antimalware you may try the following: 1) rename the installer from mbam-setup.exe to something like iexplore.exe and retry launching it. 2) reboot into safe mode with networking and retry the install. 3) follow the next step which involves killing off the running processes associated with defendapc and then retry the install.
The following processes are associated with defendapc and should be killed off using the task manager. If task manager will not launch you may try the following: 1) copy and paste the task manager executable (taskmgr.exe) to the desktop and then rename it to something like firefox.exe 2) reboot into safe mode with networking and see if the listed applications are running (if not continue with your removal in safe mode.) 3) use process explorer instead of task manager to kill off the following:
The above filenames include files that are created with a random name. Please use the information and locations listed below plus what you see on your system to help you decide which processes need to be terminated. The filenames below also include randomly created filenames.
The following files should be deleted to manually remove defendapc from your computer:
%docs%All UsersStart MenuProgramsDefendAPc
%docs%All UsersStart MenuProgramsDefendAPc1 DefendAPc.lnk
%docs%All UsersStart MenuProgramsDefendAPc2 Homepage.lnk
%docs%All UsersStart MenuProgramsDefendAPc3 Uninstall.lnk
After you have completed a manual removal of defendapc you should follow up with a malware removal tool such as superantispyware or malwarebytes antimalware. Then use a trusted, reputable antivirus application (or online scanner) to make one more pass over the computer to make certain that it’s clean.
Related PostsRelated Posts
- How to Remove AntiAid | AntiAid Removal Guide AntiAid is a rogue antivirus/security program that is from the Wini family of Rogues. This is a bit of a departure from much of the long recent history of these rogues due to a new user interface. This rogue (and it's family) is usually advertised (pushed would be a better......
- How to Remove TrustFighter | Trust Fighter Removal Guide TrustFighter sports a very familiar face, but a different name. Trustfighter is a rogue security application that is in the long line of similar applications such as TrustSoldier (TrustSoldier removal guide) and the following others... SafeFighter (Safefighter Removal), TrustCop (TrustCop Removal Guide), SecureWarrior (SecureWarrior Removal), SecurityFighter (SecurityFighter Removal), SecuritySoldier (SecuritySoldier......
- How to Remove AntiAdd | AntiAdd Removal Guide AntiAdd is a rogue antivirus application. It is installed via trojans that claim to be video codec or flash player updates and then once installed on the system it will claim to be scanning your computer and discovering all sorts of viral infected files. In addition to this it may......
- Combating Computer Espionage Combating Computer EspionageCombating Computer Espionage In some cases, spies as well as covert operations are found in war grounds or politically tense regions. Now in spite of everything, you can find spies in addition to covert operations running undetected within your personal computer system as you use your computer along......
- Door Installation Instructions for Knocked-Down Pre-Hung Doors Doors are something in our homes that we often take for granted. On the surface they are fairly simple, but as with most things in the home they’re a lot more difficult to deal with when you’re doing it yourself. Below you’ll find some door installation instructions to help you......
- Low Cost Computing for a Baby Boomer Lifestyle I rely heavily on personal computers for work and home activities. So do you. One of my objectives over the past couple of years has been to reduce the cost of computing in the one area where cost-control is easiest: software. I have found many free software applications that work......
- How to Remove ReAnti | ReAnti Removal Guide
- How to Remove TrustSoldier | Trust Soldier Removal Guide
- How to Remove ShieldSafeness | ShieldSafeness Removal Guide
- How to Remove SecurityFighter | Security Fighter Removal
- How to Remove IGuardPC | IGuardPC Removal Guide