How to remove PC Defender 360 (Removal Guide)

PC Defender 360 is a computer virus, which pretends to be a legitimate security program and claims that malware has been detected on your computer. If you try to remove these infections, PC Defender 360 will state that you need to buy its full version before being able to do so.
It’s important to remember that by purchasing PC Defender 360 you will be submitting your personal information to unscrupulous persons and may also end up being a victim of credit card or identity fraud or theft.
[Image: PC Defender 360 virus]

PC Defender 360 targets users browsing Internet websites, and rely on social engineering to deliver its payload. This infection is promoted through web sites that have been hacked with scripts that try to install the software by exploiting vulnerabilities on your computer. It is also promoted through Trojans that pretend to be legitimate programs that are required to view an online video, but instead it will install the PC Defender 360 infection.

Once installed, PC Defender 360 will display fake security alerts that are designed to think that your data is at risk or that your computer is severely infected.These messages may include:

Security Alert
Vulnerabilities Found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
Upgrade to full version of PC Defender 360 software package now! Clean your system and ward off new attacks against your system integrity and sensitive data. FREE daily updates and online protection from web-based intrusions are already in the bundle.

Security Alert
Unknown program is scanning your system registry right now! Identity theft detected!
Threat: Hoax.HTML.OdKlas.a

In reality, none of the reported issues are real, and are only used to scare you into buying PC Defender 360 and stealing your personal financial information.

As part of its self-defense mechanism, PC Defender 360 has disabled the Windows system utilities, including the Windows Task Manager and Registry Editor, and will block you from running certain programs that could lead to its removal.
This rogue antivirus has also modified your Windows files associations, and now whenever you are trying to open a program, PC Defender 360 will block this operation and display a bogus notification in which will report that the file is infected.

PC Defender 360 Firewall Alert
iexplore.exe is infected with Trojan-Downloader.JS.Agent.ftu. Private data can be stolen by third parties, including credit card details and passwords.

If your computer is infected with PC Defender 360 virus, then you are seeing the following screens:
[Image: PC Defender 360 malware]

[Image: PC Defender 360 Security Alert]

[Image: PC Defender 360 Firewall Alert]
PC Defender 360 is a scam, and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy PC Defender 360 as this could lead to identity theft, and if you have, you should contact your bank and dispute the charge stating that the program is a scam and a computer virus.

How to remove PC Defender 360 virus (Removal Guide)

This page is a comprehensive guide, which will remove the PC Defender 360 infection from your your computer. Please perform all the steps in the correct order. If you have any questions or doubt at any point, STOP and ask for our assistance.
OPTION 1: Remove PC Defender 360 virus using its activation code
OPTION 2: Manually remove PC Defender 360 virus from your computer
OPTION 3: Remove PC Defender 360 virus with HitmanPro Kickstart USB stick


OPTION 1: Remove PC Defender 360 virus using its activation code

STEP 1: Activate PC Defender 360 to stop its malicious behavior

PC Defender 360 has hijacked the .EXE extension in your Windows Registry. This allows PC Defender 360 to launch before any application you start and to block it from running. To prevent this from happening, we can use the below code to register PC Defender 360.

  1. Open PC Defender 360 interface, click on the Registration button in the right top corner, then enter the below registration code.
    PC Defender 360 Activation Code: ?O?Z?L?W?I?T?F?Q?C?N?Y?K?V?H?S?E
    [Image: PC Defender 360 Activation Code]
  2. PC Defender 360 should now allow you to open your web browser and other programs.

Please keep in mind that entering the above registration code will NOT remove PC Defender 360 from your computer, instead it will just stop the fake alerts so that you’ll be able to complete this removal guide without being interrupted by this infection.

STEP 2: Repair your Windows Registry from PC Defender 360 malicious changes

PC Defender 360 has changed your Windows registry settings so that when you try to run a executable file, it will instead launch the infection rather than the desired program.

  1. You can download the registryfix.reg utility from the below link.
    REGISTRYFIX.REG DOWNLOAD LINK (This link will automatically download registryfix.reg on your computer)
  2. Double-click on the registryfix.reg, then click on Yes on the Registry Editor prompt window, then click on the OK button.
    Fix Windows registry after PC Defender 360 Windows registry fix

STEP 3: Remove PC Defender 360 virus with Malwarebytes Anti-Malware Free

Malwarebytes Anti-Malware Free is a powerful on-demand scanner which will remove PC Defender 360 malicious files from your computer.

  1. You can download Malwarebytes Anti-Malware Free from the below link, then double-click on the icon named mbam-setup.exe to install this program.
    MALWAREBYTES ANTI-MALWARE DOWNLOAD LINK(This link will open a download page in a new window from where you can download Malwarebytes Anti-Malware Free)
  2. When the installation begins, keep following the prompts in order to continue with the setup process, then at the last screen click on the Finish button.
    [Image: Malwarebytes Anti-Malware final installation screen]
  3. On the Scanner tab, select Perform quick scan, and then click on the Scan button to start searching for the PC Defender 360 malicious files.
    [Image: Malwarebytes Anti-Malware Quick Scan]
  4. Malwarebytes’ Anti-Malware will now start scanning your computer for PC Defender 360 virus as shown below.
    [Image: Malwarebytes Anti-Malware scanning for PC Defender 360
  5. When the Malwarebytes Anti-Malware scan has finished, click on the Show Results button.
    [Image: Malwarebytes Anti-Malware scan results]
  6. You will now be presented with a screen showing you the computer infections that Malwarebytes Anti-Malware has detected. Make sure that everything is Checked (ticked), then click on the Remove Selected button.
    [Image: Malwarebytes Anti-Malwar removing
  7. Once your computer will restart, open Malwarebytes Anti-Malware and perform a Full System scan to verify that there are no remaining threats.

STEP 4: Remove PC Defender 360 infection with HitmanPro

HitmanPro is a cloud on-demand scanner, which will scan your computer with 5 antivirus engines  for the PC Defender 360 infection.

  1. You can download HitmanPro from the below link:
    HITMANPRO DOWNLOAD LINK (This link will open a web page from where you can download HitmanPro)
  2. Double-click on the file named HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows). When the program starts you will be presented with the start screen as shown below.
    HitmanPro scanner
    Click on the Next button, to install HitmanPro on your computer.
    HitmanPro installation
  3. HitmanPro will now begin to scan your computer for PC Defender 360 trojan.
    HitmanPro detecting for PC Defender 360
  4. When it has finished it will display a list of all the malware that the program found as shown in the image below. Click on the Next button, to remove PC Defender 360 virus.
    HitmanPro scan results
  5. Click on the Activate free license button to begin the free 30 days trial, and remove all the malicious files from your computer.
    [Image: HitmanPro 30 days activation button]

OPTION 2: Manually remove PC Defender 360 virus from your computer

When PC Defender 360 has infected a computer, it will drop it’s malicious files in the C:\Documents and Settings\All Users\Application Data\ifdstore (Windows XP) or C:\ProgramData\ifdstore (Windows Vista, 7 or 8) folder, and add on your desktop a PC Defender 360.lnk shortcut. In the following steps, we will rename this malicious folder thus disabling this infection.

STEP 1: Display the hidden files and folders on your computer

Because the C:\ProgramData\ path is hidden by default, we will need to enable the Show hidden files and folders option.

  1. Click on the Start button, and click on Computer.
  2. Click Organize and choose Folder and Search Options. (Tools > Folder Options for Windows XP Users).
    Folder and Search Option
  3. Click the View tab, select Show hidden files, folders and drives, then click on Apply and then OK.
    Show hidden files, folders and drives

STEP 2: Rename the ifdstore folder to disable PC Defender 360 virus

  1. Browse to C:\Documents and Settings\All Users\Application Data\ (For Windows XP) or C:\ProgramData\ (For Windows Vista, 7 or 8), and find the ifdstore folder.
  2. Right click on the ifdstore folder, and select Rename from the context menu.
    [Image: PC Defender 360 malicious folder]
  3. Add a unique variation to the filename, such as _old (for example, ifdstore_old) or something random.
    [Image: PC Defender 360 malicious folder renamed]
  4. Restart your computer.

STEP 3: Fix your .Exe registry association to revert the PC Defender 360 hijack

  1. After a restart, copy the below text and paste into Notepad.
    Windows Registry Editor Version 5.00[HKEY_CLASSES_ROOT\.exe] @=”exefile”
    “Content Type”=”application/x-msdownload”
  2. In the Save as type filed, select All files , then save the file as fix.reg to your Desktop.
    [Image: Fix .exe file association ]
  3. Double-click on fix.reg, and click Yes for Registry Editor prompt window. Then click OK.

STEP 4: Remove PC Defender 360 virus from your computer, and fix your Windows registry

You should now be able to start your web browser, even if you have managed to disable PC Defender 360, its malicious files are still on your computer.
Now we will need to fix your Windows registry as seen in Option 1 on Step 2, and run a computer scan with Malwarebytes Anti-Malware and HitmanPro


OPTION 3: Remove PC Defender 360 virus with with HitmanPro Kickstart

If you cannot remove PC Defender 360 virus using the previous options, we can use the HitmanPro Kickstart program to bypass PC Defender 360 infection.
As the PC Defender 360 infection will prevent your from start your programs, you will need to create a bootable USB drive that contains the HitmanPro Kickstart program.
You will need a USB drive, which will have all of its data erased and will then be formatted. Therefore, only use a USB drive that does not contain any important data.

  1. Using a “clean” (non-infected) computer, please download HitmanPro Kickstart from the below link.
    HITMANPRO DOWNLOAD LINK (This link will open a download page in a new web page from where you can download HitmanPro Kickstart)
  2. Once HitmanPro has been downloaded, please insert the USB flash drive that you would like to erase and use for the installation of HitmanPro Kickstart. Then double-click on the file named HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows).
    To create a bootable HitmanPro USB drive, please follow the instructions from this video:
  3. Now, remove the HitmanPro Kickstart USB drive and insert it into the PC Defender 360 infected computer.
  4. Once you have inserted the HitmanPro Kickstart USB drive, turn off the infected computer and then turn it on. As soon as you power it on, look for text on the screen that tells you how to access the boot menu.
    [Image: Windows Boot Menu screens]
    The keys that are commonly associated with enabling the boot menu are F10, F11 or F12.
  5. Once you determine the proper key (usually the F11 key) that you need to press to access the Boot Menu, restart your computer again and start immediately tapping that key. Next, please perform a scan with HitmanPro Kickstart as shown in the video below.
  6. HitmanPro will now reboot your computer and Windows should start normally. Then you will need to fix your Windows registry as seen in Option 1 on Step 2, and run a computer scan with Malwarebytes Anti-Malware and HitmanPro

Your computer should now be free of the PC Defender 360 infection. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes Anti-Malware to protect against these types of threats in the future, and perform regular computer scans with HitmanPro.
If you are still experiencing problems while trying to remove PC Defender 360 from your machine, please start a new thread in our Malware Removal Assistance forum.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Leave a Comment