ProtectCop
Posted: December 9, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 583 |
First Seen: | December 9, 2011 |
---|---|
Last Seen: | February 20, 2021 |
OS(es) Affected: | Windows |
ProtectCop is a fake anti-malware program from Korea that distributes itself through the protectcop.com website. As a clone of equally-fraudulent ProtectInfo, ProtectCop will attempt to display inaccurate system scans and pop-ups that confuse you about your computer's health. Ultimately, this may lead to the attempted theft of your credit card information or finances, and SpywareRemove.com malware researchers recommend that you delete ProtectCop in haste if ProtectCop does manage to find its way onto your PC. Since ProtectCop may attempt to block PC security software that could remove ProtectCop, you should remove ProtectCop by switching to Safe Mode and running an anti-malware scanner while ProtectCop is fully-deactivated.
Why You Shouldn't Give the Time of Day to ProtectCop's Virtual Tickets
ProtectCop, like other types of rogue anti-malware software, has no actual PC threat-detection or removal features, although its interface would like to pretend otherwise. Provided that you can read ProtectCop's interface (most of which is in Korean) you'll find that ProtectCop is warning you about a wide range of supposed problems with your PC. However, this is because ProtectCop is designed to create the appearance of these issues without actually trying to detect them, and SpywareRemove.com malware analysts have found all of zero real PC security functions contained within ProtectCop's code.
ProtectCop is spread throughout the web by protectcop.com, which is a confirmed vector for PC threat propagation. Visits to ProtectCop's website, especially if you're using a web browser with poor security or one that allows scripts to run automatically, can cause your PC to be infected by ProtectCop even if you don't download ProtectCop of your own free will. SpywareRemove.com malware researchers haven't noted other distribution methods for ProtectCop, so the chance of being attacked by ProtectCop if you stay away from protectcop.com can be considered a minor one.
Policing ProtectCop Before It Scams You Out of Your Spare Cash
The top risk from any ProtectCop infection is the possibility of being convinced that purchasing ProtectCop will remove its fake alerts and any other attacks that ProtectCop may have launched, such as blocking PC security applications or redirecting your web browser to hostile sites. However, purchasing a rogue anti-malware application of any sort, including ProtectCop, is strongly-discouraged due to the inherent danger involved in allowing criminals to access your credit card information. If you get rid of ProtectCop with an appropriate anti-malware program, you should be able to shut down all corresponding symptoms of a ProtectCop infection.
Because software-blocking behavior is common for ProtectCop, ProtectInfo and similar types of scamware programs, you should be ready to use Safe Mode to prevent such attacks before you scan your PC. SpywareRemove.com malware experts also recommend that you rename any blocked program files to generic titles (such as 'explorer.exe' or 'iexplore.exe') to allow them to slip through via ProtectCop's whitelist.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%ProgramFiles%\ProtectCop
File name: %ProgramFiles%\ProtectCopGroup: Malware file
%StartMenu%\ProtectCop
File name: %StartMenu%\ProtectCopGroup: Malware file
C:\Program Files\ProtectCop\ProtectCopLaunch.exe
File name: C:\Program Files\ProtectCop\ProtectCopLaunch.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\ProtectCop HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ProtectCopUp.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ProtectCopHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.