Iron Protector
Iron Protector (or IronProtector) is a rogue antispyware program used for cybercrime by malicious hackers. Iron Protector redirects the browser to a fake scan page which produces bogus results claiming the PC is infected with all sorts of malware. The system will soon be bombarded by popup warnings urging the purchase of IronProtector to remove the alleged threats. Do not click on anything this rogue produces and do not fall for its trickery. Remove Iron Protector using a reliable antispyware program.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Application Data\RegistryClever 2 %Documents and Settings%\All Users\Application Data\RegistryClever\BackupedItems\ 3 %Documents and Settings%\All Users\Application Data\RegistryClever\BackupedItems\items.xml 4 %Documents and Settings%\All Users\Desktop\RegistryClever.lnk 5 %Documents and Settings%\All Users\Start Menu\Programs\IronProtector.lnk 6 %Documents and Settings%\All Users\Start Menu\Programs\RegistryClever\ 7 %Documents and Settings%\All Users\Start Menu\Programs\RegistryClever\Homepage.lnk 8 %Documents and Settings%\All Users\Start Menu\Programs\RegistryClever\RegistryClever.lnk 9 %Documents and Settings%\All Users\Start Menu\Programs\RegistryClever\Uninstall.lnk 10 %Program Files%\FDFCA\ 11 %Program Files%\FDFCA\F0E84.exe 12 %Program Files%\FDFCA\Uninstall.exe 13 %Program Files%\RegistryClever Software\ 14 %Program Files%\RegistryClever Software\RegistryClever\ 15 %Program Files%\RegistryClever Software\RegistryClever\license.txt 16 %Program Files%\RegistryClever Software\RegistryClever\RegistryClever.exe 17 %Program Files%\RegistryClever Software\RegistryClever\RegistryCleverTray.exe 18 %Program Files%\RegistryClever Software\RegistryClever\Styles\ 19 %Program Files%\RegistryClever Software\RegistryClever\Styles\Vista.cjstyles 20 %Program Files%\RegistryClever Software\RegistryClever\uninstall.exe 21 %UserProfile%\Desktop\IronProtector.lnk 22 %UserProfile%\Local Settings\Temp\.exe 23 %WINDOWS%\.bin 24 %WINDOWS%\.cpl 25 %WINDOWS%\.dll 26 %WINDOWS%\system32\.bin 27 %WINDOWS%\system32\.cpl 28 %WINDOWS%\system32\.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\IronProtectorHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "TrayScan"HKEY_CURRENT_USER\Software\RegistryCleverHKEY_LOCAL_MACHINE\SOFTWARE\IronProtectorHKEY_LOCAL_MACHINE\SOFTWARE\RegistryCleverHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "F0E84.exe"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}IronProtectorRegistryClever
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.