Help Net Security
Help Net Security

Rogue software details: Defense Center

Defense Center is a rogue security application. In order to remove it, find out what files and registry entries to look for below.

Known system changes:

Files
c:\Desktop\Defense Center.lnk
c:\Desktop\Defense Center Support.lnk
c:\ProgramFiles\Defense Center\defcnt.exe
c:\Temp\esentutl64.exe
c:\Temp\wscsv32.exe

Folders
c:\ProgramFiles\Defense Center
c:\StartMenu\Programs\Defense Center

Registry entries
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Policies\System
Value: DisableTaskMgr
Data: 01, 00, 00, 00
Key: HKEY_CURRENT_USER\Software\Secure Computing
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Program Groups
Key: HKEY_CURRENT_USER\Software\Malware Defense
Key: HKEY_CURRENT_USER\Software\Paladin Antivirus
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Defense Center
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\Defense Center
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Run
Value: Defense Center
Data: “C:\Program Files\Defense Center\defcnt.exe” -noscan

Source: Lavasoft Malware Lab’s Rogue Gallery.

Featured news

Sponsored

Don't miss