Windows Defence is a clone of the Defence Center malware.
It is spread by system vulnerabilities, fake video codecs or infected documents and pdf files. You can also get infected if your PC runs out dated version of Microsoft Windows, as Windows Defence might exploit DLL and shortcut vulnerabilities as attack point. The parasite is similar to other rogues in many ways.
The first symptom of Windows Defense infection is a fake control center (blue shield with lightning) icon in windows task bar. After that you get bombarded by countless alerts and popups that inform you about various infections, hacker attacks and vulnerabilities and you are required to do a Windows Defence scan.
This scan provides fake results: non-existing infected files (you can not find them on your PC for manual deletion) or system files (their deletion would cripple your PC). Then Windows Defense center will ask to pay around 70 USD for removing these threats. Do not pay for it! Your credit card details will be known to creators of Windows Defence, who will surely misuse this information.
Removal:
Kill malicious Processes from Task Manager:
- smmservice.exe
Location of the infection:
- c:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\smmservice.exe
Registry Entries to be removed. (Take a backup of registry, before editing it)
- HKEY_USERS\.DEFAULT\Software\DefenceCenter
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\smmservice
Although it is possible to manually remove Windows Defence, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend malware and spyware removal applications.
After removing all these files, restart your computer and the issue will be fixed. And don’t forget to do update your Security Software, check the Firewall Settings and the Operating System and finally do a full system scan with the Security Software.
0 comments:
Post a Comment