PC Defender 360 virus (description and removal)

PC Defender 360.lnk

PC Defender 360 is a fake antivirus, the successor of PC Defender Plus scam. Its process is called pcdefender.exe , whereas the typical location in all operating systems is a folder called ifdstore . The methods of its removal from the infected computer vary depending on the type of the operating system which got attacked by the rogue. In this guide we explain how to remove PC Defender 360 malware both in Windows XP and in Windows Vista, 7 & 8 OS versions.

PC Defender 360 screenshot:

PC Defender 360 screenshot

PC Defender 360 is a malware, the product of cyber hackers and frauds. Instead of inventing powerful security software they created another rogue software that simply claims to be able to remove threats, but in reality it is not able even to identify them. So, as you see, this software is totally idle and unable to help you. Once you detect it on your PC make sure to remember what we told you in this article. You’re dealing with a rogue anti-spyware application that mimics a real PC scan, instead of actually running it.

PC Defender 360 scam is famous for its fake PC Defender 360 Firewall Alert. The malware reports all legitimate executables (programs) as malicious, including all installed Internet browsers, security programs, Task Manager, cmd.exe, taskkill.exe and other legitimate Windows files. The following alert comes up in each of such attempts:

PC Defender 360 Firewall Alert
launcher.exe is infected with Trojan-Downloader.JS.Agent.ftu. Private data can be stolen by third parties, including credit card details and passwords.
Name: launcher.exe
Version: 5.1.2600.5512 (xpsp.080413-2111)
Company: Microsoft Corporation
Location: C:\WINDOWS\system32\launcher.exe
Windows recommends activating PC Defender 360.
Click Activate to register your copy of PC Defender 360 and perform threat removal on your system.

PC Defender 360 Firewall Alert

There are many ways how infections like PC Defender 360 may enter your system. In the majority of cases this happens because of the poor security level on your PC. This means that the legitimate anti-virus program you have on your system failed to do its job due to outdated anti-virus database of it. Some users, in fact, prefer not to have any antivirus tool at all. In such cases there is nothing to be surprised about when pests like this one enter your system.

Fake security alerts and warnings of PC Defender 360 rogue:

Security Alert
Vulnerabilities Found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
Upgrade to full version of PC Defender 360 software package now! Clean your system and ward off new attacks against your system integrity and sensitive data. FREE daily updates and online protection from web-based intrusions are already in the bundle.

Security Alert
Unknown program is scanning your system registry right now! Identity theft detected!
Threat: Hoax.HTML.OdKlas.a

What you should do initially is ignore the fake alerts, notifications and warnings of PC Defender 360 when it runs its fake scans and reports many bogus threats. The aim of the rogue is to lead you to the fake payment processing page where users are prompted to effect the payment for the so-called licensed version of this badware program. Do not make the mistake some users have made when they actually shared their credit card information with the crooks and thus wasted their funds when they bought the totally useless software known as PC Defender 360. To remove this scam from your system you’re recommended to follow the removal instructions below.

PC Defender 360 removal instructions:

  1. Download the installer of Plumbytes Anti-Malware’s latest version from a clean computer through the address https://www.system-tips.net/download.php
  2. Save the installer of Plumbytes Anti-Malware onto your USB Flash (jump) drive.
  3. Copy the installer of Plumbytes Anti-Malware onto your infected PC through USB Flash drive (Memory Stick).
  4. Run Plumbytes Anti-Malware’s installer as Administrator by right-clicking its installer and selecting such option. In Windows XP click “Run as…” and select “Protect my computer and data from unauthorized program activity“. Click OK.
  5. Install the program but do not yet run Anti-Malware. Uncheck the option to run Anti-Malware at the end of its installation.
  6. Run Plumbytes Anti-Malware exe-file as Administrator by right-clicking its desktop icon and choosing such option. In Windows XP click “Run as…” and select “Protect my computer and data from unauthorized program activity“. Click OK.
  7. Run scan with Anti-Malware and remove all infections found.
  8. Restart your computer and repeat scan in the case of necessity.

Example of removal in Windows 7:

Example of removal in Windows XP:

PC Defender360 manual removal information:

Associated files:

%commonappdata%\ifdstore\
%commondesktopdir%\PC Defender 360.lnk

Associated registry entries:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ifdstore

PC Defender 360 typical location in Windows XP:

C:\Documents and Settings\All Users\Application Data\ifdstore

Important! To find the location of ifdstore folder make sure you can view/see hidden files of your computer. Visit this guide for additional information.

PC Defender 360 location in Windows XP

PC Defender 360 typical location in Windows Vista, 7 & 8:

C:\Program Data\ifdstore

PC Defender 360 location in Windows 7

File Location implications:
%Desktop% implies that the file is located straight on your PC’s desktop. The full and detailed location is C:\DOCUMENTS AND SETTINGS\Current User\Desktop\ for Windows 2000/XP, and C:\Users\Current User\Desktop\ for Windows Vista and Windows 7.
%Temp% stands for the Windows Temp folder. By default, it has the location C:\Windows\Temp for Windows 95/98/ME, C:\DOCUMENTS AND SETTINGS\Current User\LOCAL SETTINGS\Temp for Windows 2000/XP, and C:\Users\Current User\AppData\Local\Temp for Windows Vista and Windows 7.
%AppData% means the current users Application Data folder. By default, it has the location C:\Documents and Settings\Current User\Application Data for Windows 2000/XP. For Windows Vista and Windows 7 it is C:\Users\Current User\AppData\Roaming.
%StartMenu% stands for the Windows Start Menu. For Windows 95/98/ME the location is C:\windows\start menu\, for Windows XP, Vista, NT, 2000 and 2003 it stands for C:\Documents and Settings\Current User\Start Menu\, and for Windows Vista/7 it is C:\Users\Current User\AppData\Roaming\Microsoft\Windows\Start Menu.
%CommonAppData% means the Application Data folder in the All Users profile. For Windows XP, Vista, NT, 2000 and 2003 it has the location C:\Documents and Settings\All Users\Application Data\, and for Windows Vista/7 it is C:\ProgramData.

Leave a Comment

Your email address will not be published. Required fields are marked *