Malware Protection Center
Posted: January 24, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 37 |
| First Seen: | January 24, 2012 |
|---|---|
| Last Seen: | August 17, 2022 |
| OS(es) Affected: | Windows |
Malware Protection Center is a fake anti-spyware application that has no genuine ability to find or delete PC threats from your computer. In spite of this, Malware Protection Center will continue to pretend that Malware Protection Center has such functions by creating fraudulent warning messages and scanner results. SpywareRemove.com malware researchers recommend that you delete Malware Protection Center using a genuine anti-malware tool whenever possible, since there's no benefit to keeping Malware Protection Center around and because Malware Protection Center's presence may also hamper your security by blocking system utilities or hijacking your browser. Under no circumstances should you ever heed Malware Protection Center's advice to purchase its full version or take its recommendations regarding threats to your PC that are, in all likelihood, nonexistent.
A Center That Plays Host to Lying Pop-ups
Rogue antispyware programs like Malware Protection Center often proliferate by using Zlob Trojans or drive-by-download scripts that are embedded in fake movie player updates or fake system scans. Simple caution around suspicious websites and acquisition of updates only from official sources will allow you to avoid probable routes of attack by Malware Protection Center and related PC threats. However, once on your PC, Malware Protection Center will attempt to beguile its way into your trust by implying that a wide range of problems has befallen your computer – and that Malware Protection Center can remove them all if you bother to purchase its complete version for a 'low' price.
However, this marketing method is just another scam to make you spend money on fake software, similar to the same hoaxes that are in use by Malware Protection Center's clones from the FakeCog (CoreGuard) family, which include (among others) PC Protection Center 2008, CoreGuard Antivirus 2009, Protection System, Paladin Antivirus, Dr.Guard, User Protection, Your Protection, Digital Protection, Data Protection, Protection Center, Defense Center, AnVi, PC Protection Center, Virus.DOS.RogueAntiSpyware and Fraud.Defense Center. SpywareRemove.com malware analysts recommend that you treat any PC threat that resembles Malware Protection Center to be just as hostile and ignore their fake warning messages and other attempts at fraudulent communication. You can recognize some of this family's warning messages from the samples noted here:
Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Name: Win64.BIT.Looker.exe
Risk: High
ERROR MESSAGE:
Warning
Warning! Virus detected
Threat Detected: Trojan-Spy.HTML.Sunfraud.a
Security Center
Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to a remote computer!
Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
To protect your private data, please click 'Prevent Connection' button below.
System warning
No real-time malware, spyware and virus protection was found. Click here to activate.
WARNING! 371 threats detected
Detected malicious programs can damage your computer and compromise your privacy. It’s strongly recommended to remove them immediately [sic]!
Potential risks: Infecting other computers on your network
Continue unprotected Remove all threats now
Warning! Identity theft attempt detected
Hidden connection IP: 128.154.26.11
Target: Microsoft Corporation keys
Insecurity Internet activity. Threat of virus attack
Due to insecure Internet browsing your PC can easily get infected with viruses, worms and Trojans without knowledge, and that can lead to system slowdown, freezes and crashes. Also insecure Internet activity can result in revealing your personal information. To get full advanced real-time protection for PC and Internet activity, register your antivirus software.
Malware Protection Center – Only Interested in Protecting Itself
In addition to its fraudulent errors and warnings, Malware Protection Center may also cause other issues for your PC that are symptomatic of its family of scamware. Common related problems that SpywareRemove.com malware experts have noted tend to include:
- Browser redirect attacks that force your browser to load Malware Protection Center's site or block its ability to load PC security sites.
- The creation of junk files (often in .dll or .sys formats) that Malware Protection Center accuses of being the result of unrelated infections, such as Trojans.
- Blocked anti-malware, security and system analysis applications.
In most cases, you can avoid these attacks by disabling Malware Protection Center and related PC threats in Safe Mode, although more advanced methods (such as loading a secondary OS) can also be used. Although SpywareRemove.com malware researchers discourage attempts to remove Malware Protection Center without disabling Malware Protection Center first or without assistance from dedicated anti-malware scanners, permanent damage from a Malware Protection Center infection can be considered an unlikely result.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%ALLUSERSPROFILE%\2cecca\MalwarePC.exe
File name: MalwarePC.exeSize: 3.38 MB (3384320 bytes)
MD5: 94663391f5c8f907f8dd91720904a291
Detection count: 89
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\2cecca
Group: Malware file
Last Updated: January 24, 2012
%ALLUSERSPROFILE%\Application Data\371db\MP3aa.exe
File name: MP3aa.exeSize: 6.37 MB (6373376 bytes)
MD5: 2e3664cce7e8e89cd5d83187392229f2
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data\371db
Group: Malware file
Last Updated: August 17, 2022
%AppData%\Malware Protection Center\Instructions.ini
File name: %AppData%\Malware Protection Center\Instructions.iniMime Type: unknown/ini
Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].cfg
File name: %CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].cfgMime Type: unknown/cfg
Group: Malware file
%AppData%\Microsoft\Internet Explorer\Quick Launch\Malware Protection Center.lnk
File name: %AppData%\Microsoft\Internet Explorer\Quick Launch\Malware Protection Center.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Desktop%\Malware Protection Center.lnk
File name: %Desktop%\Malware Protection Center.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Programs%\Malware Protection Center.lnk
File name: %Programs%\Malware Protection Center.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%StartMenu%\Malware Protection Center.lnk
File name: %StartMenu%\Malware Protection Center.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%AppData%\Malware Protection Center\ScanDisk_.exe
File name: %AppData%\Malware Protection Center\ScanDisk_.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
File name: %CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS]\ISG.ico
File name: %CommonAppData%\[RANDOM CHARACTERS]\ISG.icoMime Type: unknown/ico
Group: Malware file
Registry Modifications
File name without pathMalware Protection Center.lnkHKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Malware Protection Center" "%CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe" /s /d
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.