• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Rogue Anti Spyware › Tutorials - HowTo › How to remove TheDefend (Uninstall instructions)

How to remove TheDefend (Uninstall instructions)

Myantispyware team December 16, 2009     No Comment    

TheDefendTheDefend is a rogue antispyware program that spreads mostly through the use of trojans which usually pretend to be flash updates, or even video codecs required to watch movies online.

Once installed, the trojan will install TheDefend onto your computer and will configure it to run automatically when Windows loads. The trojan will also create a lot of files with random name in Windows and Windows\System32 folders. All of these files are harmless, but TheDefend during the scan will label them as infections to trick you think that your computer in danger. Of course, the scan results are fake and you should ignore all that the program gives you!

What is more, the trojan that installs TheDefend will also install a variant of trojan FakeAlert. Once running, the trojan will show a screen that looks like Windows Security Center and a lot of fake spyware alerts and nag screens. An example:

Spyware Alert!
Your computer is infected with spyware. It could damage your
critical files or expose your private data on the Internet. Click
here to register your copy of TheDefend and remove spyware
threats from your PC.

Of course, all of these alerts are fake and like false scan results should be ignored! As you can see, TheDefend is a scam and should be removed upon detection. It designed with one purpose, to trick you into purchasing so-called “full” version of the program!

If you find that your computer is infected with the malware, please use the removal guide below to remove TheDefend from your computer for free.

More screen shoots of TheDefend



Symptoms in a HijackThis Log

O4 – HKCU\..\Run: [

Spyware software are surreptitiously installed on user`s computer to collect information about computer’s configuration, user`s private information, user’s activity without his consent. Spyware may also change Windows settings, download and install other malicious programs without the user’s knowledge.

.exe] C:\WINDOWS\system32\

Spyware can do the following:
1. gather information about user habits of use of the Internet, what sites are visited most frequently (known as “tracking software”);
2. record keystrokes (keyloggers) and make a screenshots (screen scraper) and send collected data to the creator of the spyware;
3. remotely control user computer (remote control software) – backdoor, botnets, droneware;
4. download and run on user computer an additional malware;
5. analyze the state of security systems, scan an open ports, and look for vulnerabilities to crack passwords;

.exe
O4 – HKCU\..\Run: [TheDefend.exe] C:\Program Files\TheDefend Software\TheDefend\TheDefend.exe

Use the following instructions to remove TheDefend (Uninstall instructions)

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

malwarebytes-antimalware1
Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan, it will start scanning your computer for TheDefend infection. This procedure can take some time, so please be patient.

When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.

TheDefend_remover
Malwarebytes Anti-malware, list of infected items

Make sure that everything is checked, and click Remove Selected for start TheDefend removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.

TheDefend creates the following files and folders

C:\Documents and Settings\All Users\Start Menu\Programs\TheDefend
C:\Program Files\TheDefend Software
C:\Program Files\TheDefend Software\TheDefend
C:\Program Files\TheDefend Software\TheDefend\TheDefend.exe
C:\WINDOWS\system32\




.exe
C:\Documents and Settings\All Users\Start Menu\Programs\TheDefend\1 TheDefend.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\TheDefend\2 Homepage.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\TheDefend\3 Uninstall.lnk
C:\Program Files\TheDefend Software\TheDefend\uninstall.exe
C:\Documents and Settings\All Users\Desktop\TheDefend.LNK

TheDefend creates the following registry keys and values

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TheDefend
HKEY_LOCAL_MACHINE\SOFTWARE\TheDefend
HKEY_CURRENT_USER\SOFTWARE\TheDefend
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TheDefend.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

.exe

Rogue Anti Spyware Tutorials - HowTo

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

Webnotificationsgroup.com
How to remove Webnotificationsgroup.com pop-ups (Virus removal guide)
Settings exe file Adware
Settings adware (Virus removal guide)
Atkatj.com
How to remove Atkatj.com pop-ups (Virus removal guide)
unwanted ads
Files Download Now extension (Virus removal guide)
unwanted ads
How to uninstall UnlimitedPixel app/extension from Mac (Virus removal guide)

Follow Us

Search

Useful Guides

remove android virus
How to remove virus from Android phone
Managed by your organization chrome virus
Chrome Managed by your organization malware removal guide
Files encrypted by ransomware become useless
How To Recover Encrypted Files (Ransomware file recovery)
adwcleaner
AdwCleaner – Review, How to use, Comments
Iphone Calendar virus spam
Iphone Calendar Virus/Spam (Removal guide)

Recent Posts

How to remove GuardPcs (Uninstall instructions)
How to remove IGuardPc (Uninstall instructions)
How to remove Internet Security 2010 (Uninstall instructions)
How to remove SiteAdware (Uninstall instructions)
How to remove richtx64.exe trojan (Fake Security Center Alert)

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2022 Myantispyware.com - Free antispyware programs and Spyware Removal Instructions.