Protection System Security Alert
"Protection System Security" Alert is a fake security alert launched by the fake spyware remover Protection System. This Protection System Security Alert pop-up reads as follows:
"Protection System security alert.
Your computer is being attacked from a remote PC. Attack from 240.105.231.105:10484.
Block your computer Internet access to prevent system infection? Windows Firewall has blocked this program from accepting connection from the Internet or a network. If you recognize the program or trust the publisher, you can unblock it."
The purpose of this false security notification is to get you to block your internet connections out of fear for infection, and offer a solution in the form of Protection System rogue spyware remover. Be advised to remove "Protection System Security" Alert as soon as possible.
File System Modifications
- The following files were created in the system:
# File Name 1 %Program Files%\Protection System 2 %Program Files%\Protection System\blacklist.cga 3 %Program Files%\Protection System\core.cga 4 %Program Files%\Protection System\CoreExt.dll 5 %Program Files%\Protection System\firewall.dll 6 %Program Files%\Protection System\Help 7 %Program Files%\Protection System\Help\images 8 %Program Files%\Protection System\Help\images\buttons 9 %Program Files%\Protection System\Help\images\buttons\offline.gif 10 %Program Files%\Protection System\Help\images\buttons\online.gif 11 %Program Files%\Protection System\Help\images\buttons\voice.gif 12 %Program Files%\Protection System\Help\images\delete.png 13 %Program Files%\Protection System\Help\images\info.png 14 %Program Files%\Protection System\Help\images\plus_circle.png 15 %Program Files%\Protection System\Help\images\tick.png 16 %Program Files%\Protection System\Help\images\warn.png 17 %Program Files%\Protection System\Help\reg.html 18 %Program Files%\Protection System\Help\support.png 19 %Program Files%\Protection System\Help\unreg.html 20 %Program Files%\Protection System\Protection System.exe 21 %Program Files%\Protection System\Uninstall.exe 22 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Protection System.lnk 23 %UserProfile%\Desktop\Protection System.lnk 24 %UserProfile%\Start Menu\Programs\Protection System 25 %UserProfile%\Start Menu\Programs\Protection System\Protection System.lnk 26 %UserProfile%\Start Menu\Programs\Protection System\Uninstall Protection System.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\ ProtectionSystemHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Protection System"HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Protection System
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.