System Protector
System Protector Description
System Protector is a fake anti-spyware program that is designed to trick the user into buying their full version of the program by displaying misleading pop-ups and “system alerts,” claiming that your machine is infected with malicious software. System Protector may use its system scanner to display false positives which work as an incentive to make unsuspecting users purchase System Protector’s commercial version.
Do not click on any link provided by System Protector. Once you click on the link provided, you’ll be redirected to System Protector’s website to download and purchase System Protector’s rogue anti-spyware program. System Protector has the ability to recreate itself after reboot and its “System scan” messages may continue to pop up on your task manager. It is advised to run a scan with a reliable anti-spyware program to check for the presence of System Protector on your computer.
Aliases
FraudTool.Spyprotector.BG [VirusBuster]Adware.Spyprotector.R.1943040.F [ViRobot]TROJ_FAKEVIR.CN [TrendMicro]Trojan Horse [Symantec]SpyProtector [Sunbelt]Medium Risk Malware [Prevx]Trojan.Generic [PCTools]W32/FakeAV.I!genr [Norman]probably a variant of Win32/TrojanDownloader.Agent [NOD32]Trojan.DisableTask.1943040.3 [McAfee-GW-Edition]
More aliases (69)
System Protector Automatic Detection Tool (Recommended)
Is your PC infected with System Protector? To safely & quickly detect System Protector, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect System Protector
What happens if System Protector does not let you open SpyHunter or blocks the Internet?
Technical Details
Visual & GUI Characteristics
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 shellex.dll 658 2 sysprotector_install[1].exe 527 3 %ProgramFiles%\System Protector 513 4 %UserProfile%\Start Menu\Programs\System Protector 468 5 sysprotector_install_71174136[1].exe 307 6 sys-protector.exe N/A 7 System Protector.lnk N/A 8 dfgfgh.ini N/A 9 C:\WINDOWS\system32\spyprotector.cpl N/A 10 C:\Program Files\System Protector N/A 11 %UserProfile%\Application Data\lsascs.exe N/A 12 %UserProfile%\Application Data\install.exe N/A 13 %UserProfile%\Application Data\Microsoft\windll32.exe N/A 14 %UserProfile%\Application Data\shellex.dll N/A 15 %UserProfile%\Desktop\System Protector.lnk N/A 16 %UserProfile%\Application Data\SpyProtectorSC_Config.ini N/A 17 %UserProfile%\Application Data\SpyProtectorSC_Base_new.dat N/A 18 %UserProfile%\Start Menu\Programs\System Protector\System Protector.lnk N/A 19 %UserProfile%\Start Menu\Programs\System Protector\Support Page.url N/A 20 %UserProfile%\Start Menu\Programs\System Protector\Purchase License.url N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" => 1HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "System Protector"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\System Protector HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\System ProtectorHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\System ProtectorHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellexHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\System ProtectorHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\lsascs.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "System Protector" - The following CLSID's were detected:
HKEY..\..\{CLSID Path} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{107A1D63-2EAA-4694-8ABA-EC209C630D83}
Additional Information
- The following cookies were detected:
system-protector
Posted: March 30, 2009 | By SpywareRemove
MoreThreat Level: 10/10
(2 votes, average: 4.00 out of 5)
Loading ...Rate this article:
Detection Count: 1,942
none
cant remove systems protector
Please remove advanced system protector…
tell me how to get advanced system protector off my computer
how do i remove advance system protector
I really need to delete this Advanced Systen Protector. Help!
Honestly, I didn’t know you interact with non human!
I want to remove Advanced System Protector
I wish to remove Advanced System Protector from Systweak as I am NOT a registered user but as it runs in background from boot-up I cannot use Start or the Control Panel. Any ideas?