Windows Attacks Defender removal guide

Remove Windows Attacks Defender (Uninstall Guide)

Windows Attacks Defender  is a malicious software that will display fake alerts, claiming malware has been detected on your computer.

In reality, none of the issues are real, and are only used to scare you into buying Windows Attacks Defender and stealing your personal financial information.

We strongly advise you to follow our Windows Attacks Defender removal guide and ignore any alerts that this malicious software might generate.Under no circumstance should you buy this rogue security software as this can lead to identity theft.

If you’ve got a Windows Attacks Defender   infection , you’ll be seeing this screens :

[Image: Windows Attacks Defender]

[Image: Windows Attacks Defender scan]

[Image: Windows Attacks Defender alert]

Registration codes for Windows Attacks Defender

You can use the following registration code to register this malicious software and stop the fake alerts.

0W000-000B0-00T00-E0020

Please keep in mind that entering the above registration code will NOT remove Windows Attacks Defender from your computer , instead it will just stop the fake alerts so that you’ll be able to complete our removal guide without being interrupted by this rogue.

Removal guide for Windows Attacks Defender

STEP 1 : Start your computer in Safe Mode with Networking

To boot into Safe Mode with Networking press and hold the F8 key as your computer restarts.
On the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking , and then press ENTER

[Image: Safemode.jpg]

STEP 2 : Remove Windows Attacks Defender malicious proxy server which is preventing the you from accessing the internet.

Open Internet Explorer → Click on the gear icon [Image: icongear.png] (Tools for Windows XP Users) → Select Internet Options → Connections tab → Click on LAN Settings → Uncheck the option Use a proxy server for your LAN
[Image: Windows Attacks Defender   2012-ie3]

If you are a Firefox users, go to Firefox(upper left corner) → Options → Advanced tab → Network → Settings → Select No Proxy

STEP 3: Run RKill to terminate Windows Attacks Defender malicious processes

  1. While your computer is  in Safe Mode with Networking ,download and run RKill to terminate Windows Attacks Defender malicious processes.
    downloadnow
  2. Run Rkill , when the program has completed its task, it will generate a log. You can then proceed with the rest of the guide.
    [Image: rkill3.jpg]

WARNING: Do not reboot your computer after running RKill as the malware process will start again , preventing you from properly performing the next step.

STEP 4: Download and scan with Malwarebytes Anti-Malware FREE to remove Windows Attacks Defender malicious files from your computer.

  1. Download and run Malwarebytes Anti-Malware FREE
    downloadnow
  2. Install Mawlarebytes Anti-Malware by following the prompts. Do not make any changes to the default installation settings and do not restart your computer if asked so.
    [Image: Windows Attacks Defender  mbam2.png]
  3. On the Scanner tab,please select Perform full scan and then click on the Scan button to start scanning your computer for any possible infections.
    [Image: Windows Attacks Defender  mbam4.png]
  4. When the scan is finished click the ‘OK‘ button and then you will be presented with a screen showing you the malware infections that Malwarebytes’ Anti-Malware has detected.
    Make sure that everything is Checked (ticked) and click on Remove Selected button.
    [Image: Windows Attacks Defender  mbam6.png]
  5. Malwarebytes’ Anti-Malware will now start removing the malicious files.
    If during the removal process Malwarebytes will display a message stating that it needs to reboot, please allow this request.
    [Image: Windows Attacks Defender  mbam10.png]

STEP 5: Download ans scan with HitmanPro to double check your system for any left over infections.

  1. This step can be performed in Normal Mode ,so please download the latest official version of HitmanPro.
    downloadnow
  2. Start HitmanPro  by double clicking on the previously downloaded file. and then following the prompts.
    [Image: hitmanproscan4.png]
  3. Once the scan is complete, a screen displaying all the malicious files that the program found will be shown as seen in the image below.After reviewing each malicious object click Next .
    [Image: hitmanproscan5.png]
  4. Click Activate free license to start the free 30 days trial and remove the malicious files.
    [Image: hitmanproscan6.png]
  5. HitmanPro will now start removing the infected objects, and in some instances, may suggest a reboot in order to completely remove the malware from your system. In this scenario, always confirm the reboot action to be on the safe side.
    [Image: hitmanproscan7.png]

STEP 6: Remove the residual damage from Windows Attacks Defender

Windows Attacks Defender may also modify your HOSTS file default settings, which can cause browser redirects or errors while trying to access antivirus and security websites.
To protect itself, Windows Attacks Defender has changed the permissions of the HOSTS file so you can’t edit or delete it.

  1. Please download the following batch file to revert your HOSTS file permissions:
    .bat  hostfix.bat (Size: 134 bytes)
  2. Click on hostfix.bat and allow this file to run.Once it starts you will see a small black window that opens and then quickly goes away, then you should be able access your HOSTS file.
  3. Please download and run the below file from Microsoft to revert your host file to its original settings.Please note that if you have added custom entries to your HOSTS file then you will need to add them again after restoring the default HOSTS file.
    downloadnow

If you are still experiencing problems on your machine, please start a new thread in our Malware Removal Assistance forum.

For more detailed instructions on how to perform each step, you can read our Windows Attacks Defender Complete Removal guide

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Leave a Comment