AdminBot | 23.06.2010 14:57 | Defense Center entfernen Liste der Anhänge anzeigen (Anzahl: 10) Defense Center entfernen Was ist Defense Center?
Defense Center ist ähnlich zu Protection Center und Your Protection. Defense Center ist eine weitere Rogue-Malware in Form einer gefälschten Scan-Software, die mittels eines sog. Trojaners in den PC eindringt und dem Benutzer weissmacht, den PC nach Malware abzusuchen. Diese Software (Defense Center) ist ein Fake und selbst eine Schadsoftware und sollte nicht gekauft werden.
Da solche Software wie Defense Center sich gegen jede Entfernung wehren wird und Defense Center oftmals noch Rootkits mitinstalliert, sollte eine Neuinstallation des Systems in Erwägung gezogen werden.
Verbreitet wird Defense Center nicht mehr ausschliesslich über 'dubiose Seiten' für Cracks, KeyGens und Warez, sondern auch seriöse Seiten werden zunehmend für die Verbreitung dieser mißbraucht ( http://www.trojaner-board.de/90880-d...tallation.html). http://www.trojaner-board.de/attachm...1&d=1278985888 http://www.trojaner-board.de/attachm...1&d=1278985888 Symptome von Defense Center:- ständige Fake Virenmeldungen von Defense Center
- PC läuft seit Defense Center langsamer als üblich
http://www.trojaner-board.de/attachm...1&d=1278985888 http://www.trojaner-board.de/attachm...1&d=1278985888http://www.trojaner-board.de/attachm...1&d=1278985888 http://www.trojaner-board.de/attachm...1&d=1278985888http://www.trojaner-board.de/attachm...1&d=1278985888http://www.trojaner-board.de/attachm...1&d=1278985888 http://www.trojaner-board.de/attachm...1&d=1278985888http://www.trojaner-board.de/attachm...1&d=1278985888 Fake-Meldungen von Defense Center:Warning! Virus threat detected! Virus activity detected! Net-Worm.Win32 has been detected. This adware module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click the button below to locate and remove this threat. Warning! Adware detected! Adware module detected on your PC! Zlob.Porn.Ad adware has been detected. This adware module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click the button below to locate and remove this threat now. Antivirus Alert - Critical threat detected Warning Network attack detected Network attack has been detected. Process is attempting to access your private data. Warning! Network attack detected! Network intrusion detected! Your computer is be attacked from a remote PC. Attack from <ip address>:27040 Process is trying to steal your passwords listed below. It is highly recommended to block this threat now. Danger! A security threat detected on your computer. TrojanASPX.JS.Win32. It strongly recommended to remove this threat right now. Click on the message to remove it. Danger! A security threat detected on your computer. This malicious program may steal your private data. Click on the message to ensure the protection of your computer. Danger! Harmful viruses detected on your computer. Click on the message to scan your computer for security threats for free. Dateien von Defense Center: Code:
c:\Documents and Settings\All Users\Favorites\_favdata.dat
c:\Program Files\Defense Center
c:\Program Files\Defense Center\about.ico
c:\Program Files\Defense Center\activate.ico
c:\Program Files\Defense Center\buy.ico
c:\Program Files\Defense Center\def.db
c:\Program Files\Defense Center\defcnt.exe
c:\Program Files\Defense Center\defext.dll
c:\Program Files\Defense Center\defhook.dll
c:\Program Files\Defense Center\help.ico
c:\Program Files\Defense Center\scan.ico
c:\Program Files\Defense Center\settings.ico
c:\Program Files\Defense Center\splash.mp3
c:\Program Files\Defense Center\Uninstall.exe
c:\Program Files\Defense Center\update.ico
c:\Program Files\Defense Center\virus.mp3
%UserProfile%\Desktop\Defense Center Support.lnk
%UserProfile%\Desktop\Defense Center.lnk
%UserProfile%\Desktop\nudetube.com.lnk
%UserProfile%\Desktop\pornotube.com.lnk
%UserProfile%\Desktop\spam001.exe
%UserProfile%\Desktop\spam003.exe
%UserProfile%\Desktop\troj000.exe
%UserProfile%\Desktop\youporn.com.lnk
%UserProfile%\Start Menu\Programs\Defense Center
%UserProfile%\Start Menu\Programs\Defense Center\About.lnk
%UserProfile%\Start Menu\Programs\Defense Center\Activate.lnk
%UserProfile%\Start Menu\Programs\Defense Center\Buy.lnk
%UserProfile%\Start Menu\Programs\Defense Center\Defense Center Support.lnk
%UserProfile%\Start Menu\Programs\Defense Center\Defense Center.lnk
%UserProfile%\Start Menu\Programs\Defense Center\Scan.lnk
%UserProfile%\Start Menu\Programs\Defense Center\Settings.lnk
%UserProfile%\Start Menu\Programs\Defense Center\Update.lnk Registry-Einträge von Defense Center: Code:
HKEY_USERS\S-1-5-21-861567501-152049171-1708537768-1003_Classes\secfile
HKEY_CURRENT_USER\Software\Classes\secfile
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\secfile
HKEY_LOCAL_MACHINE\SOFTWARE\Defense Center
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Defense Center
HKEY_LOCAL_MACHINE\SOFTWARE\Program Groups
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Defense Center"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}" Defense Center im HijackThis-Log: Code:
O4 - HKCU\..\Run: [Defense Center] "C:\Program Files\Defense Center\defcnt.exe" -noscan |