Windows Defence
Windows Defence is a rogue anti-spyware application. Windows Defence can spread via system vulnerabilities, fake video codecs or infected documents and pdf files. Once Windows Defence is inside a system it will simulate a fake system scan that will report the detection of numerous malware infections. Windows Defence will also generate fake pop-ups and security alerts to further alarm a victim and coerce him/her into purchasing its 'full version' to remove all the 'detected' malware. The full version of Windows Defence does not exist and this rogueware is not able to detect or remove real computer malware.
File System Details
Windows Defence may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. |
C:\Documents and Settings\ |
|
| 2. |
C:\Documents and Settings\ |
|
| 3. |
C:\Documents and Settings\ |
|
| 4. |
C:\Documents and Settings\ |
|
| 5. | c:\protocol.log | |
| 6. |
C:\Documents and Settings\ |
|
| 7. | %UserProfile%\Local Settings\Application Data\\ | |
| 8. |
C:\Documents and Settings\ |
|
| 9. |
C:\Documents and Settings\ |
Registry Details
Windows Defence may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\smmservice
HKEY_USERS\.DEFAULT\Software\DefenceCenter
