How to remove PC Defender (Uninstall instructions)

PC Defender is a new rogue antispyware program that distributed through the use of trojans, which usually pretend to be a program required to watch a video online. When the trojan is started, it will install the fake security application onto your computer without your permission. The same trojan will also configure PC Defender to run automatically when Windows loads.

When the fake security program is running, it it will imitate a scan of your PC and label legitimate Windows files as trojans, backdoors and malware that will not be fixed unless you first purchase the program. Important to know, all of these reported infections are fake, so you can safely ignore the scan results that PC Defender gives you.

Last but not least, while the rogue is running, it will display numerous fake security warnings. Of course, these warnings – a fake and like false scan results should be ignored!

As you can see, PC Defender is a scam and should be removed from your computer upon detection. Do not be fooled into buying the program! Instead of doing so, follow the removal guidelines below in order to remove PC Defender and any associated malware from your computer for free.

More screen shoots of PC Defender

Symptoms in a HijackThis Log

F2 – REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,”C:\Program Files\Def Group\PC Defender\Antispyware.exe”

Use the following instructions to remove PC Defender (Uninstall instructions)

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan, it will start scanning your computer for PC Defender infection. This procedure can take some time, so please be patient.

When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.

Malwarebytes Anti-malware, list of infected items

Make sure that everything is checked, and click Remove Selected for start PC Defender removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

Note 3: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

PC Defender creates the following files and folders

C:\Program Files\Def Group\PC Defender
C:\Documents and Settings\All Users\Start Menu\Programs\PC Defender
C:\WINDOWS\Installer\{FC2ABC8E-3715-4A32-B8B5-559380F45282}
C:\Program Files\Def Group\PC Defender\proccheck.exe
C:\Program Files\Def Group\PC Defender\Antispyware.exe
C:\Program Files\Def Group\PC Defender\hook.dll
C:\Documents and Settings\All Users\Start Menu\Programs\PC Defender\PC Defender.lnk
C:\WINDOWS\Installer\{FC2ABC8E-3715-4A32-B8B5-559380F45282}\_BF2DDB0AC7FD40D5AAEDAF.exe
C:\WINDOWS\Installer\{FC2ABC8E-3715-4A32-B8B5-559380F45282}\_C507892FD1860AF6477A61.exe
C:\Documents and Settings\All Users\Desktop\PC Defender.lnk

PC Defender creates/changes the following registry keys and values

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FC2ABC8E-3715-4A32-B8B5-559380F45282}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon | Userinit = “C:\WINDOWS\system32\userinit.exe, “C:\Program Files\Def Group\PC Defender\Antispyware.exe””