Protection System Pop-up
"Protection System" pop-up is a false security alert launched by rogue spyware remover Protection System. The Protection System pop-up reads as follows:
"Protection System.
There is unauthorized software detected on your computer. It is recommended you remove it, otherwise it could conflict with Protection System. Press 'OK' to remove Malwarebytes' Anti-Malware_is1."
In other words, this fake security notification is attempting to get you to disable your legitimate security software (Malwarebytes, AVG, etc.) in order for Protection System to have free reign over your PC. Remove Protection System pop-up as soon as possible.
File System Modifications
- The following files were created in the system:
# File Name 1 %Program Files%\Protection System 2 %Program Files%\Protection System\blacklist.cga 3 %Program Files%\Protection System\core.cga 4 %Program Files%\Protection System\CoreExt.dll 5 %Program Files%\Protection System\firewall.dll 6 %Program Files%\Protection System\Help 7 %Program Files%\Protection System\Help\images 8 %Program Files%\Protection System\Help\images\buttons 9 %Program Files%\Protection System\Help\images\buttons\offline.gif 10 %Program Files%\Protection System\Help\images\buttons\online.gif 11 %Program Files%\Protection System\Help\images\buttons\voice.gif 12 %Program Files%\Protection System\Help\images\delete.png 13 %Program Files%\Protection System\Help\images\info.png 14 %Program Files%\Protection System\Help\images\plus_circle.png 15 %Program Files%\Protection System\Help\images\tick.png 16 %Program Files%\Protection System\Help\images\warn.png 17 %Program Files%\Protection System\Help\reg.html 18 %Program Files%\Protection System\Help\support.png 19 %Program Files%\Protection System\Help\unreg.html 20 %Program Files%\Protection System\Protection System.exe 21 %Program Files%\Protection System\Uninstall.exe 22 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Protection System.lnk 23 %UserProfile%\Desktop\Protection System.lnk 24 %UserProfile%\Start Menu\Programs\Protection System 25 %UserProfile%\Start Menu\Programs\Protection System\Protection System.lnk 26 %UserProfile%\Start Menu\Programs\Protection System\Uninstall Protection System.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\ ProtectionSystemHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Protection System"HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Protection System
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.