Remove Rogue Antivirus Defense Center (defcnt.exe) - gHacks Tech News

Remove Rogue Antivirus Defense Center (defcnt.exe)

Rogue antivirus programs like Defense Center look on first glance as valid security software that protects a computer system from threats. On second glance though they usually displays non-existing infections deliberately, usually to convince users to upgrade to a premium version to remove those infections or to buy another software that cleans them.

Defense Center is just one of the many rogue antivirus available on the Internet. The interface looks like that of legit security programs, displaying security status, firewall, antivirus and antispyware protection, and more.

The program scans the computer system and display a number of non-existing infections to the user. Users can verify that the listed files are not infected by uploading them to services such as Virustotal, which checks the files using more than 40 different antivirus engines.

defense center
defense center

Defense Center displays a variety of warnings and alerts to the user, including:

  • Warning! Virus threat detected! Virus activity detected!
  • Warning! Adware detected! Adware module detected on your PC!
  • Warning! Network attack detected! Network intrusion detected!
  • Danger! A security threat detected on your computer.
  • Danger! Harmful viruses detected on your computer.

The fake antivirus software is either installed deliberately by the user, or by trojans and other security exploits. The program tries to remove existing antivirus solutions from the operating system, to make the detection and removal more difficulty.

Defense Center can be removed manually or automatically.

Defense Center Automatic Removal

Automatic removal of Defense Center is usually the better option, considering that it may be that additional malicious software has been loaded onto the computer system.

Free security tools that detect and remove Defense Center are for instance:

Please note that you may need to start your computer in Safe Mode to get rid of Defense Center completely. This can be done by pressing F8 during boot. Just tap the key until you see the Windows Advanced Options Menu, select Safe Mode from the list to boot into Safe Mode.

Defense Center Manual Removal

This requires the deletion of files and Registry entries. Some of these files may be locked if they are in use. The best option is to use a boot CD or boot the computer into Safe mode to remove the files and Registry entries:

Defense Center processes that may be running and need to be stopped: This can be done by pressing Ctrl-Shift-Esc to fire up the Windows Task Manager, switching to the Processes tab, selecting the processes and clicking End Process.

Uninstall.exe
spam001.exe
spam003.exe
defcnt.exe
troj000.exe

Make sure to delete all files in the commonprograms and programfiles directories.

%appdata%\microsoft\internet explorer\quick launch\Defense Center.lnk
%desktop%\Defense Center support.lnk
%desktop%\Defense Center.lnk
%commonprograms%\Defense Center\
%programfiles\Defense Center\

Open the Registry Editor with the shortcut Windows-R, type regedit in the runbox and hit enter.

HKLM\SOFTWARE\Defense Center
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Defense Center
HKCU\Software\Microsoft\Windows\CurrentVersion\Run “Defense Center”
HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}

Security Precautions

Defense Center managed to get on your computer once, chance is that the security solutions in place are not efficient enough. Take a look at the following security measures to avoid future infections:

  • Make sure your operating system and the software installed is up to date. This is especially important for the web browser used to surf the Internet.
  • If you do not have security software installed, do so immediately. Free options are Microsoft Security Essentials, Avast Antivirus or AVG

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Bob Smith said on July 20, 2010 at 2:15 am
    Reply

    Looks very Sexy LOL.
    Um, if you can (I did not read the article since I use Haiku OS!!!!!!!!!!) Go to your C:/drive and click program files folder and find it from there (it it is there…) and delete it, then scan and whatever, thanks goes to srajure on youtube!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.