Home Malware Programs Rogue Anti-Spyware Programs Malware Protection Center

Malware Protection Center

Posted: January 24, 2012

Threat Metric

Threat Level: 10/10
Infected PCs: 37
First Seen: January 24, 2012
Last Seen: August 17, 2022
OS(es) Affected: Windows

Malware Protection Center Screenshot 1Malware Protection Center is a fake anti-spyware application that has no genuine ability to find or delete PC threats from your computer. In spite of this, Malware Protection Center will continue to pretend that Malware Protection Center has such functions by creating fraudulent warning messages and scanner results. SpywareRemove.com malware researchers recommend that you delete Malware Protection Center using a genuine anti-malware tool whenever possible, since there's no benefit to keeping Malware Protection Center around and because Malware Protection Center's presence may also hamper your security by blocking system utilities or hijacking your browser. Under no circumstances should you ever heed Malware Protection Center's advice to purchase its full version or take its recommendations regarding threats to your PC that are, in all likelihood, nonexistent.

A Center That Plays Host to Lying Pop-ups

Rogue antispyware programs like Malware Protection Center often proliferate by using Zlob Trojans or drive-by-download scripts that are embedded in fake movie player updates or fake system scans. Simple caution around suspicious websites and acquisition of updates only from official sources will allow you to avoid probable routes of attack by Malware Protection Center and related PC threats. However, once on your PC, Malware Protection Center will attempt to beguile its way into your trust by implying that a wide range of problems has befallen your computer – and that Malware Protection Center can remove them all if you bother to purchase its complete version for a 'low' price.

However, this marketing method is just another scam to make you spend money on fake software, similar to the same hoaxes that are in use by Malware Protection Center's clones from the FakeCog (CoreGuard) family, which include (among others) PC Protection Center 2008, CoreGuard Antivirus 2009, Protection System, Paladin Antivirus, Dr.Guard, User Protection, Your Protection, Digital Protection, Data Protection, Protection Center, Defense Center, AnVi, PC Protection Center, Virus.DOS.RogueAntiSpyware and Fraud.Defense Center. SpywareRemove.com malware analysts recommend that you treat any PC threat that resembles Malware Protection Center to be just as hostile and ignore their fake warning messages and other attempts at fraudulent communication. You can recognize some of this family's warning messages from the samples noted here:

Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Name: Win64.BIT.Looker.exe
Risk: High

ERROR MESSAGE:
Warning
Warning! Virus detected
Threat Detected: Trojan-Spy.HTML.Sunfraud.a

Security Center
Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to a remote computer!
Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
To protect your private data, please click 'Prevent Connection' button below.

System warning
No real-time malware, spyware and virus protection was found. Click here to activate.

WARNING! 371 threats detected
Detected malicious programs can damage your computer and compromise your privacy. It’s strongly recommended to remove them immediately [sic]!
Potential risks: Infecting other computers on your network
Continue unprotected Remove all threats now

Warning! Identity theft attempt detected
Hidden connection IP: 128.154.26.11
Target: Microsoft Corporation keys

Insecurity Internet activity. Threat of virus attack
Due to insecure Internet browsing your PC can easily get infected with viruses, worms and Trojans without knowledge, and that can lead to system slowdown, freezes and crashes. Also insecure Internet activity can result in revealing your personal information. To get full advanced real-time protection for PC and Internet activity, register your antivirus software.

Malware Protection Center – Only Interested in Protecting Itself

In addition to its fraudulent errors and warnings, Malware Protection Center may also cause other issues for your PC that are symptomatic of its family of scamware. Common related problems that SpywareRemove.com malware experts have noted tend to include:

  • Browser redirect attacks that force your browser to load Malware Protection Center's site or block its ability to load PC security sites.
  • The creation of junk files (often in .dll or .sys formats) that Malware Protection Center accuses of being the result of unrelated infections, such as Trojans.
  • Blocked anti-malware, security and system analysis applications.

In most cases, you can avoid these attacks by disabling Malware Protection Center and related PC threats in Safe Mode, although more advanced methods (such as loading a secondary OS) can also be used. Although SpywareRemove.com malware researchers discourage attempts to remove Malware Protection Center without disabling Malware Protection Center first or without assistance from dedicated anti-malware scanners, permanent damage from a Malware Protection Center infection can be considered an unlikely result.

Malware Protection Center Screenshot 2Malware Protection Center Screenshot 3Malware Protection Center Screenshot 4Malware Protection Center Screenshot 5Malware Protection Center Screenshot 6Malware Protection Center Screenshot 7

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%ALLUSERSPROFILE%\2cecca\MalwarePC.exe File name: MalwarePC.exe
Size: 3.38 MB (3384320 bytes)
MD5: 94663391f5c8f907f8dd91720904a291
Detection count: 89
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\2cecca
Group: Malware file
Last Updated: January 24, 2012
%ALLUSERSPROFILE%\Application Data\371db\MP3aa.exe File name: MP3aa.exe
Size: 6.37 MB (6373376 bytes)
MD5: 2e3664cce7e8e89cd5d83187392229f2
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data\371db
Group: Malware file
Last Updated: August 17, 2022
%AppData%\Malware Protection Center\Instructions.ini File name: %AppData%\Malware Protection Center\Instructions.ini
Mime Type: unknown/ini
Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].cfg File name: %CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].cfg
Mime Type: unknown/cfg
Group: Malware file
%AppData%\Microsoft\Internet Explorer\Quick Launch\Malware Protection Center.lnk File name: %AppData%\Microsoft\Internet Explorer\Quick Launch\Malware Protection Center.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Desktop%\Malware Protection Center.lnk File name: %Desktop%\Malware Protection Center.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Programs%\Malware Protection Center.lnk File name: %Programs%\Malware Protection Center.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%StartMenu%\Malware Protection Center.lnk File name: %StartMenu%\Malware Protection Center.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%AppData%\Malware Protection Center\ScanDisk_.exe File name: %AppData%\Malware Protection Center\ScanDisk_.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe File name: %CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS]\ISG.ico File name: %CommonAppData%\[RANDOM CHARACTERS]\ISG.ico
Mime Type: unknown/ico
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

File name without pathMalware Protection Center.lnkHKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Malware Protection Center" "%CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe" /s /d

Related Posts

Loading...