How to Remove Malware Defense | Malware Defense Removal Guide



Malware Defense (or malware defence) is a rogue antivirus application that will install itself on your system and then claim that there are many security problems and even viruses on your system. It will claim that it can fix these problems (for a price) and may prevent you from downloading files to your computer from the internet. (It basically sets up web browsing through a proxy so that it can monitor and control all of your internet activity.) You should remove this pest from your computer. Read on for how to remove malware defense.


The best way to remove any pest or annoying software from your computer is to visit the control panel and use the add/remove programs applet and uninstall malware defense from there. Unfortunately this particular piece of malware is a bit more crafty than most others and this method likely will not work. If for some reason it does, count yourself lucky and then follow up with malware removal tools as well as antivirus tools and scans so that you can make certain the system is clean. I would use malwarebytes antimalware and or superantispyware for malware removal and avg/avira/avast or trendmicros housecall for the virus scan, but frankly, just make sure it’s a reputable antivirus product.

You may not be able to download anything to this machine directly if it is infected with this pest. If that’s the case, use another pc to make your downloads of removal tools. Another thing you may wish/need to do on this machine is adjust the internet explorer settings to bypass the proxy that this rogue creates. Go to the internet settings area (tools/internet settings). Then Connections tab, LAN settings and look for the checkbox that says “Use a Proxy server for your LAN”. Uncheck this box to bypass the proxy that this rogue creates.

Also, you may want to proceed and download rkill.com from malwarebytes site as this will kill off the running processes associated with malware defense. Again, this may need to be done using a flash memory stick on another machine.

Rkill is a fairly useful tool, but of course, many rogues will not like to see it running and try to kill it off, or complain that it is an infection of some sort. If you get stuck with one window of rkill, launch it again (and again and again) until there is no malware running. Malwarebytes antimalware will be able to install once these processes are killed off, but you may wish to rename the installer (mbam-setup.exe) to something else such as explorer.exe for instance.

By the way it is very important to NOT reboot after killing off the running processes with rkill. If you do, then the processes will be running when you reboot. INstall, malwarebytes antimalware and update and scan. It is possible that you may get an error when launching it that it is unable to find mbam.exe . *failed code 2*. If this is the case, download the executable from this link. The file name will be randomized. Save it to c:\program files\malwarebytes’ anti-malware and then browse to the folder and run this new randomly named file, then you should be able to update, scan and clean.

If you wish to keep malwarebytes antimalware on your system for future use you may be best off uninstalling and reinstalling after this software is cleaned off.

The following processes are associated with malware defense and should have been killed off by rkill:

mdefense.exe
uninstall.exe

The following files and folders are associated with Malware Defense and should be deleted in a full removal of malware defense:

%progfiles%\Malware Defense
%progfiles%\Malware Defense\help.ico
%progfiles%\Malware Defense\md.db
%progfiles%\Malware Defense\mdefense.exe
%progfiles%\Malware Defense\mdext.dll
%progfiles%\Malware Defense\uninstall.exe
%userprof%\Desktop\Malware Defense Support.lnk
%userprof%\Desktop\Malware Defense.lnk
%userprof%\Start Menu\Programs\Malware Defense
%userprof%\Start Menu\Programs\Malware Defense\Malware Defense Support.lnk
%userprof%\Start Menu\Programs\Malware Defense\Malware Defense.lnk
%userprof%\Start Menu\Programs\Malware Defense\Uninstall Malware Defense.lnk

Due to the nature of this rogue it’s not really practical to do a manual removal of malware defense, but even after you have gone through the automated removal I think you should follow up with other scans until the system is clean. Use malwarebytes antimalware if you like, or superantispyware as another alternative. Also I would follow this with an antivirus scan from a trusted antivirus application such as trendmicros online housecall or avg, avira, avast, mcafee, etc. Scan untill clean.

   Send article as PDF   

Similar Posts