(Thanks to rogueamp)
If you choose to fix supposedly found problems you will get Antivirus software error message. It will claim that you have requested the function that requires installed antivirus software.
If you click on the "Install antivirus" button you will get another window with a form that you supposedly have to fill-in in order to get your activation code.
While running, SP Center will also display fake security warnings. The text of this warning is:
Warning!
SP Center did not find any antivirus software on this computer! Traces of discreditable (for example, the history of visiting adults sites) and security exposure have been found. Click this notification to eliminate vulnerability immediately!
Furthermore, this fake program may block legitimate anti-malware software and hijack Internet Explorer. It may also hide your Desktop icons and Windows task bar. In such case, please click Ctrl+Shift+Esc. Windows Task Manager will open. Click File -> New Task (Run...). Type in: explorer.exe and hit OK. All your icons should be in their places again. Then download MalwareBytes' Anti-malware, SUPERAntispyware or Spyware Doctor and run a full system scan. Don't forger to update anti-malware software before scanning your computer. If you can't download any program in normal mode hen please reboot your computer is safe mode with networking. For more details please follow the SP Center removal instructions below. If you have any questions or additional information about this malware please leave a comment. Good luck and be safe online!
SP Center removal instructions (in Safe Mode with Networking):
1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm
NOTE: Login as the same user you were previously logged in with in the normal Windows mode.
2. Download anti-malware software from the list below and run a full system scan.
NOTE: before saving the selected program onto your computer, please rename the installer to iexplore.exe or winlogon.exe. With all of these tools, if running Windows 7 or Vista they MUST be run as Auto Infoistrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.
SP Center removal instructions in Normal mode:
1. Download Process Explorer iexplore.exe. Double click to open it. Look for SP Center in the process list and terminate its process(es): ap.exe and sp.exe.
2. Download anti-malware software from the list below. Update it and run a full system scan.
NOTE: before saving the selected program onto your computer, please rename the installer to iexplore.exe or winlogon.exe. With all of these tools, if running Windows 7 or Vista they MUST be run as Auto Infoistrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.
SP Center associated files and registry values:
Files:
- C:\Documents and Settings\[User Name]\Application Data\CCenter\ap.exe
- C:\Documents and Settings\[User Name]\Application Data\CCenter\sp.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ap.exe"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache "C:\Documents and Settings\[User Name]\Application Data\CCenter\ap.exe"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache "C:\Documents and Settings\A[User Name]\Application Data\CCenter\sp.exe"
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon shell "C:\Documents and Settings\[User Name]\Application Data\CCenter\sp.exe"
No comments:
Post a Comment