Malware Protection Center

January 26th, 2012

Malware Protection Center description

Malware Protection Center is a typical rogue program. It mimics security warnings to appear functional and demands payment for services that do not exist. Do not purchase Malware Protection Center! It’s a fraud and it’s useless.

The goal of Malware Protection Center is to push its victims into giving their money away. It uses annoying and fraudulent tricks to intimidate people.

Malware Protection Center constantly loads numerous pop-ups supposedly reporting dangerous threats. The files reported by Malware Protection Center as infections are either made up or installed by the fraud itself. The rogue also blocks regular security tools to prevent removal. Do not trust Malware Protection Center and remove it on sight.

Manual Malware Protection Center Removal


Malware Protection Center processes:

tjd.exe
runddlkey.exe
kernel32.exe
eb.exe
MPa76.exe
ScanDisk_.exe


Malware Protection Center registry values:

HKEY_CURRENT_USER\Software\3
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\MP3d5_8029.DocHostUIHandler
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=8040&q={searchTerms}"
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=8040&q={searchTerms}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "88680791803"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "update/208040"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "DisallowRun" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "0" = "msseces.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "1" = "MSASCui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "10" = "avgscanx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "11" = "avgcfgex.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "12" = "avgemc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "13" = "avgchsvx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "14" = "avgcmgr.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "15" = "avgwdsvc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "2" = "ekrn.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "3" = "egui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "4" = "avgnt.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "5" = "avcenter.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "6" = "avscan.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "7" = "avgfrw.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "8" = "avgui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "9" = "avgtray.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Malware Protection Center"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zatutor.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonalm2601.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe


Malware Protection Center DLLs:

std.dll
PE.dll
energy.dll
mozcrt19.dll
sqlite3.dll


Other malicious Malware Protection Center files:

%AppData%\Malware Protection Center\
%AppData%\Malware Protection Center\cookies.sqlite
%AppData%\Malware Protection Center\Instructions.ini
%AppData%\Malware Protection Center\ScanDisk_.exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\Malware Protection Center.lnk
%CommonAppData%\79b35\
%CommonAppData%\79b35\MPa76.exe
%CommonAppData%\79b35\MPC.ico
%CommonAppData%\79b35\5162.mof
%CommonAppData%\79b35\mozcrt19.dll
%CommonAppData%\79b35\sqlite3.dll
%CommonAppData%\79b35\BackUp\
%CommonAppData%\79b35\BackUp\Adobe Reader Speed Launch.lnk
%CommonAppData%\79b35\BackUp\Adobe Reader Synchronizer.lnk
%CommonAppData%\79b35\MPCSys\
%CommonAppData%\79b35\Quarantine Items\
%CommonAppData%\MPOSBTAPBMC\
%CommonAppData%\MPOSBTAPBMC\MPYYBEYC.cfg
%Desktop%\Malware Protection Center.lnk
%UserProfile%\Recent\cb.drv
%UserProfile%\Recent\eb.exe
%UserProfile%\Recent\eb.sys
%UserProfile%\Recent\energy.dll
%UserProfile%\Recent\energy.drv
%UserProfile%\Recent\kernel32.exe
%UserProfile%\Recent\kernel32.tmp
%UserProfile%\Recent\PE.dll
%UserProfile%\Recent\PE.drv
%UserProfile%\Recent\PE.sys
%UserProfile%\Recent\PE.tmp
%UserProfile%\Recent\runddlkey.exe
%UserProfile%\Recent\SM.tmp
%UserProfile%\Recent\snl2w.sys
%UserProfile%\Recent\std.dll
%UserProfile%\Recent\std.drv
%UserProfile%\Recent\tjd.exe
%StartMenu%\Malware Protection Center.lnk
%StartMenu%\Programs\Malware Protection Center.lnk

Manual removal of files and registry entries should be performed only by experienced users. A system can be badly affected if any error is made during manual removal. If you are not familiar with deleting malware manually, we recommend using automatic removal tools to delete Malware Protection Center.
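
An added example, not part of the original guide: a read-only PowerShell audit that reports which of the registry settings listed above are present for the current user and machine before anything is deleted. The function names and output fields are choices made for this example; every key, value name and data string is taken from the list on this page.

```powershell
# Added example: read-only audit of the registry tampering listed on this page.
# Nothing is modified. New-Finding and Get-RogueTamperFinding are names chosen for this example.
function New-Finding($Check, $Key, $Name, $Value) {
    [pscustomobject]@{ Check = $Check; Key = $Key; Name = $Name; Value = $Value }
}

function Get-RogueTamperFinding {
    $cu = 'HKCU:\Software\Microsoft'

    # Explorer DisallowRun policy: each numbered value names an executable Explorer refuses to start.
    $list = Get-Item -Path "$cu\Windows\CurrentVersion\Policies\Explorer\DisallowRun" -ErrorAction SilentlyContinue
    if ($list) {
        foreach ($n in $list.GetValueNames()) {
            New-Finding 'DisallowRun entry' $list.Name $n ($list.GetValue($n))
        }
    }

    # Single values from the page, each with the data the page reports for it (Bad is a -like pattern).
    $expected = @(
        @{ Path = "$cu\Windows\CurrentVersion\Policies\Explorer"; Name = 'DisallowRun'; Bad = '1' },
        @{ Path = "$cu\Internet Explorer\Download"; Name = 'RunInvalidSignatures'; Bad = '1' },
        @{ Path = "$cu\Internet Explorer\Download"; Name = 'CheckExeSignatures'; Bad = 'no' },
        @{ Path = "$cu\Internet Explorer"; Name = 'PRS'; Bad = '*127.0.0.1:27777*' },
        @{ Path = 'HKCU:\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes'; Name = 'URL'; Bad = '*findgala.com*' },
        @{ Path = "$cu\Windows\CurrentVersion\Run"; Name = 'Malware Protection Center'; Bad = '*' }
    )
    foreach ($e in $expected) {
        $key = Get-Item -Path $e.Path -ErrorAction SilentlyContinue
        if (-not $key) { continue }
        $v = $key.GetValue($e.Name)
        if ($null -ne $v -and "$v" -like $e.Bad) {
            New-Finding 'Tampered value' $key.Name $e.Name $v
        }
    }

    # IFEO subkeys named on this page. Windows launches the "Debugger" value, when one is set, in place
    # of the named executable; the page lists only key names, so the value is reported, not assumed.
    $ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
    $names = '_avp32.exe', '_avpcc.exe', '_avpm.exe', 'aAvgApi.exe', 'adaware.exe', 'agentsvr.exe',
             'zapsetup3001.exe', 'zatutor.exe', 'zonalm2601.exe', 'zonealarm.exe'
    foreach ($n in $names) {
        $key = Get-Item -Path "$ifeo\$n" -ErrorAction SilentlyContinue
        if ($key) { New-Finding 'IFEO key' $key.Name 'Debugger' ($key.GetValue('Debugger')) }
    }
}

Get-RogueTamperFinding | Format-Table -AutoSize -Wrap
```

Run it in the affected user's session, since the HKEY_CURRENT_USER checks read that user's hive. An empty result means none of the listed settings were found.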
