SPROTECTOR.DLL is Trojan Sprotector

Dmitry Sokolov recommends his nice removal tool: UnHackMe


UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!

: Solved!
5 Stars (5 / 5)


Is the file SPROTECTOR.DLL located on your computer? Then your computer is infected.
We do suggest you should remove SPROTECTOR.DLL from your computer as soon as possible.
SPROTECTOR.DLL is Trojan/Backdoor.
Kill the process SPROTECTOR.DLL and remove SPROTECTOR.DLL from the Windows startup.

Malware Analysis of SPROTECTOR.DLL
Full path on a computer: %Program Files%\WebSearch\sprotector.dll

Detected by UnHackMe:

SPROTECTOR.DLL
Default location: %Program Files%\WebSearch\sprotector.dll

Removal Results: Success
Number of reboot: 1

SPROTECTOR.DLL is known as:

Trojan.Sprotector, ADW_SPROTECT, Win32:SProtector-A [PUP], Adware.BGuard.B (B), Adware.BGuard.11, a variant of Win32.SProtector.A

SPROTECTOR.DLL hash:

  • MD5: d59fb8a196cc8ad8e8bde0c437070cc6
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect SPROTECTOR.DLL presence?

Registry:
  • HKLM\Software\Classes\CLSID\{93999FCE-1090-D2A5-C2B6-E2DCDBF4A242}\InProcServer32\: “%Common Appdata%\SearchNewTab\519b20edad3b4.dll”
  • HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs: 0×00000001
Folders:
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\staged
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\staged\goyuy_0cwod@xs-pxhoflx.org
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\staged\goyuy_0cwod@xs-pxhoflx.org\content
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\searchplugins
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1
  • %Common Appdata%\InstallMate
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}
  • %Common Appdata%\SearchNewTab
  • %Common Appdata%\StarApp
  • %Common Appdata%\StarApp\Setup
  • %Common Startmenu%\Programs\SearchNewTab
  • %Program Files%\WebSearch
Files:
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\staged\goyuy_0cwod@xs-pxhoflx.org\bootstrap.js
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\staged\goyuy_0cwod@xs-pxhoflx.org\chrome.manifest
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\staged\goyuy_0cwod@xs-pxhoflx.org\content\bg.js
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\staged\goyuy_0cwod@xs-pxhoflx.org\install.rdf
  • %Appdata%\Mozilla\Firefox\Profiles\profile.default\searchplugins\WebSearch.xml
  • %Desktop%\error.txt
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1\519b20edad18b3.21858289.js
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1\background.html
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1\content.js
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1\lsdb.js
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1\manifest.json
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1\newtab.html
  • %Local Appdata%\Google\Chrome\User Data\Default\Extensions\odnekongaepnmanaeblnkmfcdkekohbb\1\sqlite.js
  • %Recent%\error.lnk
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\20130521111541.log
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\Custom.dll
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\Readme.txt
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\Setup.dat
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\Setup.exe
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\Setup.ico
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\TsuDll.dll
  • %Common Appdata%\InstallMate\{7C1DD3C6-EA58-40FB-A210-A27AA7FEF130}\_Setup.dll
  • %Common Appdata%\SearchNewTab\519b20edad3b4.dll
  • %Common Appdata%\SearchNewTab\519b20edad3b4.tlb
  • %Common Appdata%\SearchNewTab\settings.ini
  • %Common Appdata%\SearchNewTab\uninstall.exe
  • %Common Startmenu%\Programs\SearchNewTab\SearchNewTab.lnk
  • %Common Startmenu%\Programs\SearchNewTab\Uninstall.lnk
  • %Program Files%\WebSearch\sprotector.dll
  • %Program Files%\WebSearch\uninstall.exe

UnHackMe removes malware invisible for your antivirus!

Free Download

UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1. UnHackMe uses minimum of computer resources.

Testimonials:

Simon:
UnHackMe is a success where others have failed. We have used the software for sometime. Thank you for a great product, which actually works and we believe in the developers.

Bob:
The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

Leave a Reply