Malware Description:
System Protector (aka SystemProtector) is definitely NOT a trustworthy application. It’s hard to consider a program developed to deceive unsuspecting computer users to be worth installing. As a rule, you won’t know you have System Protector on board before it apparently manifests itself. There are several sings of System Protector being resident on your computer. First of all, System Protector tends to display popup warnings about some malware infections which are stated to be inside your system. Secondly, System Protector runs its fabricated scanners upon pretty much every system boot, and these scanners report more parasites that need to be urgently removed to keep your PC safe. In fact, though, System Protector scanner has absolutely no antivirus detection capacity and cannot possibly know what infections you have inside the computer. And last but not least, System Protector will then offer you to register its so-called licensed software supposedly to ensure ultimate computer protection. If you happen to install System Protector license, you will, first of all, fail to keep your system secure and, secondly, simply waste your money. So stay away from System Protector and, if infected, remove this rogue as soon as possible.
Malware Type: Rogue Anti-Spyware
Malware Author: Innovagest2000
AUTOMATIC REMOVER
How to remove System Protector and affiliated threats manually:
Manual removal of System Protector is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.
The files to be deleted are listed below:
The registry entries that need to be removed are as follows:
How to remove System Protector and affiliated threats manually:
Manual removal of System Protector is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.
The files to be deleted are listed below:
%UserProfile%\Application Data\install.exe
%UserProfile%\Application Data\lsascs.exe
%UserProfile%\Application Data\shellex.dll
%UserProfile%\Application Data\Microsoft\windll32.exe
%UserProfile%\Application Data\SpyProtectorSC_Base_new.dat
%UserProfile%\Application Data\SpyProtectorSC_Config.ini
%UserProfile%\Desktop\System Protector.lnk
%UserProfile%\Start Menu\Programs\System Protector\Purchase License.url
%UserProfile%\Start Menu\Programs\System Protector\Support Page.url
%UserProfile%\Start Menu\Programs\System Protector\System Protector.lnk
%Program Files%\System Protector
%WINDOWS%\system32\spyprotector.cpl
The registry entries that need to be removed are as follows:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” => 1DOWNLOAD AUTOMATIC REMOVER
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{107A1D63-2EAA-4694-8ABA-EC209C630D83}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\System Protector
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\lsascs.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “System Protector”
No comments:
Post a Comment