The file SPROTECTOR.DLL can destroy your system, causing the computer to work abnormally.
SPROTECTOR.DLL is a dangerous file.
Remove SPROTECTOR.DLL from your computer immediately.
Kill the process SPROTECTOR.DLL and remove SPROTECTOR.DLL from the Windows startup.
Malware Analysis of SPROTECTOR.DLL
Full path on a computer: %Program Files%\SafeSaver\sprotector.dll
Detected by UnHackMe:
SPROTECTOR.DLL
Default location: %Program Files%\SafeSaver\sprotector.dll
Removal Results: Success
Number of reboots: 1
SPROTECTOR.DLL is known as:
Trojan.Sprotector, ADW_SPROTECT, Win32:SProtector-A [PUP], Adware.BGuard.B (B), Adware.BGuard.11, a variant of Win32.SProtector.A
SPROTECTOR.DLL hash:
- MD5: d59fb8a196cc8ad8e8bde0c437070cc6
The file tries to connect to a dangerous web site.
How to quickly detect the presence of SPROTECTOR.DLL?
Registry:
- HKLM\Software\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}\InprocServer32\: “%Program Files Common%\Microsoft Shared\Triedit\triedit.dll”
- HKLM\Software\Classes\CLSID\{4EC6F37F-A3A4-7830-523C-4DC7708E9A2A}\InProcServer32\: “%Common Appdata%\SearchNewTab\51b9c2dd61f12.dll”
- HKLM\Software\Classes\CLSID\{9BF7E5AA-56A3-AFAF-577A-812C9EDF6536}\InProcServer32\: “%Common Appdata%\safe save\51b9c163cacfa.dll”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\RDReminder: “%Program Files%\RegClean Pro\RegCleanPro.exe -rem”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SystweakASP: “”%Program Files%\RegClean Pro\SystweakASP.exe” /verysilent”
Folders:
Files: