System-protector.org

By JubileeX in Rogue Websites

Translate To:

System-protector.org is a browser hijacker promoting the rogue anti-spyware program called System Protector. Through trojans that infiltrate your computer through security exploits and alter your browser settings, you will discover your web-surfing activities becoming interrupted and redirected to the System-protector.org domain. Here your computer is subject to a fraudulent online scan that displays numerous false infection reports, as well as aggressive advertising schemes, all in order to persuade you to purchase and install System Protector.

File System Details

System-protector.org may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%UserProfile%\Application Data\shellex.dll
Name: %UserProfile%\Application Data\shellex.dll Type: Dynamic link library
2.	%UserProfile%\Application Data\lsascs.exe
Name: %UserProfile%\Application Data\lsascs.exe Type: Executable File
3.	%UserProfile%\Application Data\install.exe
Name: %UserProfile%\Application Data\install.exe Type: Executable File
4.	%UserProfile%\Application Data\Microsoft\windll32.exe
Name: %UserProfile%\Application Data\Microsoft\windll32.exe Type: Executable File
5.	%UserProfile%\Desktop\System Protector.lnk
Name: %UserProfile%\Desktop\System Protector.lnk Type: Shortcut
6.	%UserProfile%\Start Menu\Programs\System Protector\System Protector.lnk
Name: %UserProfile%\Start Menu\Programs\System Protector\System Protector.lnk Type: Shortcut
7.	%UserProfile%\Application Data\SpyProtectorSC_Config.ini
Name: %UserProfile%\Application Data\SpyProtectorSC_Config.ini
8.	%UserProfile%\Start Menu\Programs\System Protector\Support Page.url
Name: %UserProfile%\Start Menu\Programs\System Protector\Support Page.url
9.	%WINDOWS%\system32\spyprotector.cpl
Name: %WINDOWS%\system32\spyprotector.cpl
10.	%UserProfile%\Application Data\SpyProtectorSC_Base_new.dat
Name: %UserProfile%\Application Data\SpyProtectorSC_Base_new.dat Type: Data file
11.	%UserProfile%\Start Menu\Programs\System Protector\Purchase License.url
Name: %UserProfile%\Start Menu\Programs\System Protector\Purchase License.url
12.	%Program Files%\System Protector
Name: %Program Files%\System Protector

Registry Details

System-protector.org may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\System Protector

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "System Protector"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\System Protector

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\System Protector

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\lsascs.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" => 1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{107A1D63-2EAA-4694-8ABA-EC209C630D83}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\System Protector

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

System-protector.org

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen