How to remove sprotector.dll (SPROTECTOR.DLL is Trojan SProtector.AMN)

We checked some samples of SPROTECTOR.DLL and detected the file SPROTECTOR.DLL as threat.
Remove the SPROTECTOR.DLL file from your computer right now.
Removal tool: http://www.unhackme.com

Malware Analysis of SPROTECTOR.DLL
Full path on a computer: %Program Files%\ZoomEx\sprotector.dll

Detected by UnHackMe:

Item Name: AppInit_DLLs
Author: Unknown
Related File: c:\progra~1\zoomex\sprote~1.dll
Type: List of Injected DLLs

Item Name: ZoomExUpdaterTask{E404575A-3F7F-4656-A85C-5AC64D4ED847}
Author:
Related File: %COMMON APPDATA%\PREMIUM\ZOOMEX\ZOOMEX.EXE
Type: Scheduled Tasks

Item Name: sprotector.dll
Author:
Current Setting: %PROGRAM FILES%\ZOOMEX\SPROTECTOR.DLL
Type: Unwanted Software Files

Removal Results: Success
Number of reboot: 1

SPROTECTOR.DLL is known as:

Trojan.SProtector.AMN (A), Adware.BGuard.11, a variant of Win32.SProtector.A, Win32:SProtector-A [PUP]

SPROTECTOR.DLL hash:

  • MD5: decac42ec861e07d2b0d19ade95339ee
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect SPROTECTOR.DLL presence?

Registry:
  • HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\progra~1\zoomex\sprote~1.dll”
Folders:
  • %Temp%\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}
  • %Common Appdata%\Cloud Software LTD
  • %Common Appdata%\InstallMate
  • %Common Appdata%\InstallMate\ZoomEx
  • %Common Appdata%\InstallMate\{8019FD34-D60A-40EE-A205-9E285BFADFC2}
  • %Common Appdata%\InstallMate\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}
  • %Common Appdata%\Premium
  • %Common Appdata%\Premium\ZoomEx
  • %Common Appdata%\Premium\ZoomEx\DNL1.tmp
  • %Program Files%\ZoomEx
Files:
  • %Temp%\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}\x64\regsvr32.exe
  • %Temp%\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}\x86\regsvr32.exe
  • %Common Appdata%\InstallMate\ZoomEx\Setup.exe
  • %Common Appdata%\InstallMate\ZoomEx\Setup.ico
  • %Common Appdata%\InstallMate\{8019FD34-D60A-40EE-A205-9E285BFADFC2}\Setup.exe
  • %Common Appdata%\InstallMate\{8019FD34-D60A-40EE-A205-9E285BFADFC2}\TsuDll.dll
  • %Common Appdata%\InstallMate\{8019FD34-D60A-40EE-A205-9E285BFADFC2}\_Setup.dll
  • %Common Appdata%\InstallMate\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}\Setup.exe
  • %Common Appdata%\InstallMate\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}\TsuDll.dll
  • %Common Appdata%\InstallMate\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}\_Setup.dll
  • %Common Appdata%\InstallMate\{A80F3882-2D3A-4C36-AEDD-651873EC1A74}\_Setupx.dll
  • %Common Appdata%\Premium\ZoomEx\profile.ini
  • %Common Appdata%\Premium\ZoomEx\run6.tmp
  • %Common Appdata%\Premium\ZoomEx\ZoomEx.exe
  • %Program Files%\ZoomEx\sprotector.dll
  • %Program Files%\ZoomEx\uninstall.exe
  • %WinDir%\Tasks\ZoomExUpdaterTask{E404575A-3F7F-4656-A85C-5AC64D4ED847}.job

Fix it immediately!

Free Download

UnHackMe removes malware invisible for your antivirus!

Leave a Reply