System Diagnosis Popup

Posted: February 18, 2009

System Diagnosis Popup Description

"System Diagnosis" Popup is a rogue security alert from rogue anti-spyware program System Guard Center. "System Diagnosis" Popup may read:

"WARNING: Your system and files may be damaged. Install a repairing solution to check and prevent crashes. WARNING YOUR SYSTEM MAY BE RUNNING WITH ERRORS. A reliable Fixing software is scanning your PC for errors. This Fixing Tool will locate errors and damaged files on your system."

"System Diagnosis" Popup is only meant to make you believe your computer system is infested with spyware. "System Diagnosis" Popup will most likely redirect you to System Guard Center's website or other malicious websites that sell rogue anti-spyware programs.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\SystemGuardCenter.lnk
    2 %UserProfile%\Application Data\SystemGuardCenter
    3 %UserProfile%\Application Data\SystemGuardCenter\Logs
    4 %UserProfile%\Application Data\SystemGuardCenter\Logs\scns.log
    5 %UserProfile%\Desktop\QuickInstallPack.lnk
    6 %UserProfile%\Local Settings\Application Data\qip
    7 %UserProfile%\Local Settings\Application Data\qip\data.ini
    8 %UserProfile%\Local Settings\Application Data\qip\SystemGuardCenter_Setup_Dual_en.exe.ini
    9 %UserProfile%\Local Settings\Application Data\UCLN_QIP
    10 %UserProfile%\Local Settings\Application Data\UCLN_QIP\data.ini
    11 %UserProfile%\Local Settings\Application Data\USGC_QIP
    12 %UserProfile%\Local Settings\Application Data\USGC_QIP\data.ini
    13 %UserProfile%\Start Menu\Programs\QuickInstallPack
    14 %UserProfile%\Start Menu\Programs\QuickInstallPack\Contact Us.url
    15 %UserProfile%\Start Menu\Programs\QuickInstallPack\QuickInstallPack on the Web.url
    16 %UserProfile%\Start Menu\Programs\QuickInstallPack\QuickInstallPack.lnk
    17 %UserProfile%\Start Menu\Programs\QuickInstallPack\Uninstall QuickInstallPack.lnk
    18 c:\Documents and Settings\All Users\Application Data\SystemGuardCenter
    19 c:\Documents and Settings\All Users\Application Data\SystemGuardCenter\Bases
    20 c:\Documents and Settings\All Users\Application Data\SystemGuardCenter\Bases\bbv.dat
    21 c:\Documents and Settings\All Users\Application Data\SystemGuardCenter\Bases\Enemies.dat
    22 c:\Documents and Settings\All Users\Application Data\SystemGuardCenter\Status.dat
    23 c:\Documents and Settings\All Users\Desktop\System GuardCenter.lnk
    24 c:\Documents and Settings\All Users\Start Menu\Programs\SystemGuardCenter
    25 c:\Documents and Settings\All Users\Start Menu\Programs\SystemGuardCenter\Launch SystemGuardCenter Options.lnk
    26 c:\Documents and Settings\All Users\Start Menu\Programs\SystemGuardCenter\Launch SystemGuardCenter.lnk
    27 c:\Documents and Settings\All Users\Start Menu\Programs\SystemGuardCenter\Uninstall SystemGuardCenter.lnk
    28 c:\My Downloads
    29 c:\Program Files\SystemGuardCenter
    30 c:\Program Files\SystemGuardCenter\SystemGuardCenter Options.ico
    31 c:\Program Files\SystemGuardCenter\SystemGuardCenter.ico
    32 c:\Program Files\SystemGuardCenter\SystemGuardCenter.xml
    33 c:\Program Files\SystemGuardCenter\unins.ico
    34 c:\Program Files\SystemGuardCenter\unins000.dat

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "QuickInstallPack"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SystemGuardCenter"HKEY_CURRENT_USER\Software\SystemGuardCenterHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4CDC21D-43BE-4101-A1EF-E379F134771E}HKEY_LOCAL_MACHINE\SOFTWARE\SystemGuardCenterHKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\AppID\iercpt.DLLHKEY_CLASSES_ROOT\AppID\{3A9377A6-BE7F-485D-908C-D44114691389}HKEY_CLASSES_ROOT\CLSID\{D4CDC21D-43BE-4101-A1EF-E379F134771E}HKEY_CLASSES_ROOT\Interface\{59C345BA-3D5E-44E3-9D10-D3848AF15D73}HKEY_CLASSES_ROOT\TypeLib\{A6FBD2E4-1C7E-4EAB-80DD-01DE2645566A}HKEY_CLASSES_ROOT\iercpt.iercptbhoHKEY_CLASSES_ROOT\iercpt.iercptbho.1HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}QuickInstallPackSGC_is1

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to System Diagnosis Popup may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Annoyances System Diagnosis Popup

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.