Badware Protector
Badware Protector, also known as BadwareProtector, is a rogue anti-spyware program similar to AntiSpyware Protector. Badware Protector is usually installed in your computer with the help of Trojan Zlob, which is often bundled in a fake codec download. Once Zlob is installed, you'll receive a large amount of fake system notification messages stating that your computer is infected with spyware. In order to remove these supposed infections, you'll be redirected to Badware Protector's website (badware-protector.com) where Badware Protector is sold as a legitimate spyware remover.
In addition, Badware Protector is able to run a fake computer system scan and generate a list of imaginary infections as a result. These scare tactics are only meant to scare you and lure you into purchasing the full Badware Protector program. Badware Protector is may also hijack your browser. Badware Protector may come from the same creators of XPAntivirus.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\BP.lnk 2 %UserProfile%\Desktop\badware-protector.exe 3 %UserProfile%\Desktop\BP.lnk 4 %UserProfile%\Start Menu\BP 5 %UserProfile%\Start Menu\BP\BP.lnk 6 %UserProfile%\Start Menu\BP\Help.lnk 7 %UserProfile%\Start Menu\BP\Registration.lnk 8 backup.lst 9 BadwareProtector_log.txt 10 bp.exe 11 c:\Program Files\Common Files\System\Uninstall 12 c:\Program Files\Common Files\System\Uninstall\Uninstall BP.lnk 13 helper.sys 14 ieupdates.exe 15 krln32.exe 16 pn.cfg 17 protector.exe 18 scvh0st.exe 19 spyware.dat
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74f25a2c-22b3-4023-8f1a-ca616c30a8b5}\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D714A94F-123A-45CC-8F03-040BCAF82AD6}\HKEY_USERS\Software\BadwareProtectorHKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Run\"Badware Protector" = "C:\Program Files\BadwareProtector\badwareprotector.exe"HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BadwareProtectorHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "BadwareProtector"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Protector"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}BadwareProtector
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.