MyAntiSpyware

How to remove Windows Active Defender virus

Myantispyware team June 15, 2012    

Windows Active Defender is rogue antispyware software. It reports false infections, displays various fake security alerts, and hijacks your Internet browser to make you believe that your computer is infected. Windows Active Defender is designed with one purpose: to scare you into thinking that your computer is in danger and so trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your computer as soon as possible. Use the removal guide below to remove Windows Active Defender from your computer for free.

The bogus program infiltrates computers with the help of trojans or other malware, without your consent. During installation, Windows Active Defender configures your system so that it launches automatically when you log on to Windows. Immediately after launch, this fake security program starts to scan your computer and reports a lot of infections that will not be fixed unless you first purchase the software. It is important to know that all of these infections are fake and do not actually exist on your computer, so you can safely ignore the scan results that Windows Active Defender gives you.

Last but not least, while the rogue is running, it will display various security warnings. Some of the warnings are:

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Error
Attempt to run a potentially dangerous script detected.
Full system scan is a highly recommended.

Error
Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.

Just like the false scan results above, all of these alerts are fake and are meant to scare you into thinking your computer is in danger. You should ignore all of them!

As you can see, everything Windows Active Defender does is fake, and you should stay away from this malicious application! If your PC has been infected with the rogue, ignore everything it tells you and follow the removal instructions below to remove Windows Active Defender and any associated malware from your computer for free.

Use the following instructions to remove Windows Active Defender (Uninstall instructions)

 

1

The rogue may not allow you to run malware removal tools. If so, you will need to reboot your computer in Safe mode with networking.

Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.

Instead of Windows loading as normal, the Windows Advanced Options menu appears, similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.

2

The Windows Active Defender virus changes the Internet Explorer proxy settings to use a malicious proxy server that will not allow you to download or update security software. Complete this step to fix the problem.

Run Internet Explorer and click Tools -> Internet Options, as shown in the screen below.


Internet Explorer – Tools menu

You will see a window similar to the one below.


Internet Explorer – Internet options

Select the Connections tab and click the LAN Settings button. You will see a window similar to the one shown below.


Internet Explorer – Lan settings

Uncheck the “Use a proxy server” box. Click OK to close LAN Settings, then click OK to close the Internet Explorer settings.

3

Now you should download Malwarebytes Anti-malware and remove all Windows Active Defender associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see a window similar to the one below.

Malwarebytes Anti-Malware Window

Now click on the Scan button to start scanning your computer for Windows Active Defender associated malware. This procedure can take some time, so please be patient.

When the scan is finished, a message box will appear saying that scanning has completed successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.

4

Windows Active Defender may change the Windows system HOSTS file, so you need to reset this file to the default version for your operating system.

Please download OTM by OldTimer from here and save it to your desktop. Run OTM, then copy and paste the following text into the “Paste Instructions for Items to be Moved” text area (under the yellow bar):

:Commands
[resethosts]

Click the red Moveit! button. Close OTM.

5

Your system should now be free of the Windows Active Defender virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.
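
A read-only way to confirm that steps 2 and 4 took effect, as an added example that is not part of the original guide: the PowerShell below reads the per-user proxy values behind the “Use a proxy server” box and lists HOSTS entries other than the loopback localhost defaults. The function name Get-SuspectHostsEntry is made up for this example; the registry key and HOSTS path are the standard Windows locations, not values taken from this page.

```powershell
# Added example, read-only: nothing on the system is modified.

# Step 2: per-user Internet Explorer (WinINET) proxy settings.
$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $key
# ProxyEnable = 1 corresponds to a checked "Use a proxy server" box.
if ($inet.ProxyEnable -eq 1) {
    Write-Warning "Proxy is still enabled: $($inet.ProxyServer)"
} else {
    Write-Output 'Proxy is disabled.'
}
# An auto-configuration script is a second place a proxy can be set.
if ($inet.AutoConfigURL) {
    Write-Warning "Auto-configuration script set: $($inet.AutoConfigURL)"
}

# Step 4: list HOSTS entries other than the loopback "localhost" defaults.
# Get-SuspectHostsEntry is a hypothetical helper name used for this example.
function Get-SuspectHostsEntry {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        # Strip comments and surrounding whitespace; skip empty lines.
        $text = ($line -replace '#.*$', '').Trim()
        if (-not $text) { continue }
        $fields = $text -split '\s+'
        if ($fields.Count -lt 2) { continue }
        $ip    = $fields[0]
        $names = $fields[1..($fields.Count - 1)]
        $extra = @($names | Where-Object { $_ -ne 'localhost' })
        $isDefault = (@('127.0.0.1', '::1') -contains $ip) -and
                     ($extra.Count -eq 0)
        if (-not $isDefault) {
            New-Object PSObject -Property @{
                Address = $ip
                Names   = ($names -join ' ')
            }
        }
    }
}

$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$suspect = @(Get-SuspectHostsEntry -Lines (Get-Content -Path $hostsPath))
if ($suspect.Count -gt 0) {
    Write-Warning 'Non-default HOSTS entries found; review them:'
    $suspect | Format-Table -AutoSize
} else {
    Write-Output 'HOSTS file contains only default entries.'
}
```

Run it in the session of the affected user, because the proxy values live in that user's registry hive.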

Windows Active Defender removal notes

Note 1: if you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps in: Malwarebytes won't install, run or update – How to fix it.

Note 2: did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

3 Comments

  1. Rich
    ― June 18, 2012 - 1:11 am

    I changed the name of the Malwarebytes startup file to a .BAT extension and was able to scan the computer, which found 700+ infected files (all from the Windows Active Defender virus). But, once I hit “Remove All Selected”, Windows Active Defender launched – nothing was removed and this was all in “Safe” mode. Grrrrrr!!!!

  2. Malwarehater
    ― August 2, 2012 - 1:47 am

    Hi,

    Subject: Window Active Defender

    I have had this Malware at two of my clients, and I successfully removed the virus of the computer inserting it to another computer and using software called Hirens Boot disk, Malwarebytes failed to do so because this app blocked the launching of this app, I believe if it is installed before this Windows Active Defender it will certainly remove it. (Please note that you will still not be able to delete the app itself even if you insert the hdd into another computer booting up with normal windows.)

    the directory of this app is situated in (Windows 7)
    c:\users\”userfile”\AppData\Roaming\Protector.exe
    c:\users\”userfile”\AppData\Roaming\info.db (not sure exactly what the database file is called, but it will be with the protector.exe file.)

    Good Luck

  3. Massimiliano
    ― October 1, 2012 - 11:34 am

    Hi,
    Thank you very much.
    solved the problem.
    Greetings from Florence

Copyright © 2004 - 2024 MASW - Myantispyware.com.