PUP.Optional.SProtect.A

malware No Comments

Dmitry Sokolov recommends UnHackMe!

UnHackMe is a powerful tool against malware.

UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!

: Solved! 5 Stars (5 / 5)

PUP.Optional.SProtect.A also known as Generic5.AAFE, Win32:SProtector-A [PUP], Adware.BGuard.11.

Malware Analysis of PUP.Optional.SProtect.A

Created files:

%Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\bookmarkbackups\bookmarks-2013-09-11.json
%Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\extensions\ob2jeyiyj-at@rpadfosyyyo.com\bootstrap.js
%Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\extensions\ob2jeyiyj-at@rpadfosyyyo.com\chrome.manifest
%Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\extensions\ob2jeyiyj-at@rpadfosyyyo.com\content\bg.js
%Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\extensions\ob2jeyiyj-at@rpadfosyyyo.com\install.rdf
%Desktop%\error.txt
%Local Appdata%\Google\Chrome\User Data\Default\Extensions\eagomldojokcnajmekbhdamldkiacimk\5.10\AfOje0b.js
%Local Appdata%\Google\Chrome\User Data\Default\Extensions\eagomldojokcnajmekbhdamldkiacimk\5.10\background.html
%Local Appdata%\Google\Chrome\User Data\Default\Extensions\eagomldojokcnajmekbhdamldkiacimk\5.10\content.js
%Local Appdata%\Google\Chrome\User Data\Default\Extensions\eagomldojokcnajmekbhdamldkiacimk\5.10\lsdb.js
%Local Appdata%\Google\Chrome\User Data\Default\Extensions\eagomldojokcnajmekbhdamldkiacimk\5.10\manifest.json
%Local Appdata%\Google\Chrome\User Data\Default\Extensions\eagomldojokcnajmekbhdamldkiacimk\5.10\sqlite.js
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\0\36\7E7AFd01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\1\77\06D38d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\1\C6\CD8CEd01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\2\2A\B31E8d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\2\B7\76E9Fd01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\2\C3\71CF0d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\3\A1\1B204d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\3\F4\8BD61d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\7\5C\5243Dd01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\7\C5\B1E06d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\8\2C\72D2Ad01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\A\16\21CC5d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\A\5B\C18DFd01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\C\3F\EA089d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\C\04\6A14Cd01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\C\3C\4D230d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\C\4C\F03CFd01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\C\8C\B0544d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\E\CB\A88F8d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\F\55\2B215d01
%Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\thumbnails\1debe8d57c1d428a2376a70c49a59c6a.png
%Temp%\00294823\7fMOgjP.dat
%Temp%\00294823\7fMOgjP.exe
%Temp%\00294823\eagomldojokcnajmekbhdamldkiacimk\AfOje0b.js
%Temp%\00294823\eagomldojokcnajmekbhdamldkiacimk\background.html
%Temp%\00294823\eagomldojokcnajmekbhdamldkiacimk\content.js
%Temp%\00294823\eagomldojokcnajmekbhdamldkiacimk\lsdb.js
%Temp%\00294823\eagomldojokcnajmekbhdamldkiacimk\manifest.json
%Temp%\00294823\eagomldojokcnajmekbhdamldkiacimk\sqlite.js
%Temp%\00294823\ob2jeyiyj-at@rpadfosyyyo.com\bootstrap.js
%Temp%\00294823\ob2jeyiyj-at@rpadfosyyyo.com\chrome.manifest
%Temp%\00294823\ob2jeyiyj-at@rpadfosyyyo.com\content\bg.js
%Temp%\00294823\ob2jeyiyj-at@rpadfosyyyo.com\install.rdf
%Temp%\00294823\r_wdaj.dll
%Temp%\00294823\r_wdaj.tlb
%Temp%\dd4.tmp
%Temp%\dd8.tmp
%Temp%\ddA.tmp
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\download_abort.ico
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\download_pause.ico
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\download_resume.ico
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\general_logo.jpg
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\hotfile_down.jpg
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\hotfile_up.jpg
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\x64\regsvr32.exe
%Temp%\{89FF0652-F069-421B-A0F0-B84B521C24A4}\x86\regsvr32.exe
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\20130911105629.log
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\Custom.dll
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\Readme.txt
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\Setup.dat
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\Setup.exe
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\Setup.ico
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\TsuDll.dll
%Common Appdata%\InstallMate\{89FF0652-F069-421B-A0F0-B84B521C24A4}\_Setup.dll
%Common Appdata%\saveensharE\7fMOgjP.dat
%Common Appdata%\saveensharE\7fMOgjP.exe
%Common Appdata%\saveensharE\r_wdaj.dat
%Common Appdata%\saveensharE\r_wdaj.dll
%Common Appdata%\saveensharE\r_wdaj.tlb
%Program Files%\ss helper\sprotector.dll
%Program Files%\ss helper\uninstall.exe

Detected by UnHackMe:

SPROTECTOR.DLL
Default location: %PROGRAM FILES%\SS HELPER\SPROTECTOR.DLL

Written by 

Malware Hunter.

UnHackMe removes malware invisible for your antivirus!

Free Download

1
UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10. UnHackMe uses minimum of computer resources.

Tatva WordPress theme by IdeaBox

WordPress SEO fine-tune by Meta SEO Pack from Poradnik Webmastera