Welcome to remove-malware.net

How to remove User Protection rogue anti-spyware

Malware Description:
User Protection is an awfully annoying program referring to the group of rogue antivirus applications, being a clone and successor of the infamous Dr. Guard malware. This one propagates through hacking into Social Engineering networks and via blackhat Search Engine Optimization tricks. The only thing needed for User Protection to install on to your computer is a tiny trojan that gets dropped without your knowledge. Therefore User Protection needs no approval of yours to infiltrate your PC and start messing it up. This rogue will typically affect your files and Windows Registry and will be sure to add some of its own items into Program Files directory. The malignant processes associated by User Protection will start running each time you log into Windows and will overrule the rest of your executables and applications. User Protection will by all means start popping up in the shape of bogus system tray alerts, fake virus infiltration warnings and counterfeit security scanners. All these ads will claim there is something amiss and you need some trusty and efficient antivirus tool to get your system protected and running smooth. No doubt User Protection fakes those alerts in order to encourage you to purchase the full commercial version of its software. It will keep rerouting your browser to web pages that indulge in selling User Protection license. What’s worse, User Protection usually prevents people from running antivirus utilities and other executables associated in any way with the legit computer defense. You might as well be unable to bring up your Task Manager and do a System Restore because User Protection distorts your Registry in such a way that these options appear to be blocked. So you might want to try booting into Safe Mode with Networking through F8 key (hit it during startup) and stick to the instructions we are providing further. Anyway, User Protection must not persevere on your machine otherwise it may damage your system and violate your privacy.

Malware Type: Rogue Anti-Spyware

Malware Author: Unknown

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

User Protection Free Scanner and Remover: Download Now

User Protection Screenshot:

How to remove User Protection manually:
Manual removal of User Protection is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.

The files to be deleted are listed below:

• %Documents and Settings%\[UserName]\Desktop\User Protection Support.lnk
• %Documents and Settings%\[UserName]\Desktop\User Protection.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\About.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\Activate.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\Buy.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\User Protection Support.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\User Protection.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\Scan.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\Settings.lnk
• %Documents and Settings%\[UserName]\Start Menu\Programs\User Protection\Update.lnk
• %Documents and Settings%\[UserName]\Application Data\Microsoft\Internet Explorer\Quick Launch\User Protection.lnk
• %Program Files%\User Protection
• %Program Files%\User Protection\about.ico
• %Program Files%\User Protection\activate.ico
• %Program Files%\User Protection\buy.ico
• %Program Files%\User Protection\drg.db
• %Program Files%\User Protection\drgext.dll
• %Program Files%\User Protection\drghook.dll
• %Program Files%\User Protection\help.ico
• %Program Files%\User Protection\scan.ico
• %Program Files%\User Protection\settings.ico
• %Program Files%\User Protection\splash.mp3
• %Program Files%\User Protection\uninstall.exe
• %Program Files%\User Protection\update.ico
• %Program Files%\User Protection\virus.mp3
• %Temp%\asr64_ldm.exe

The registry entries that need to be removed are as follows:

• HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\SimpleShlExt
• HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
• HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt
• HKEY_LOCAL_MACHINE\SOFTWARE\User Protection
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\User Protection
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “User Protection”
• HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved “{5E2121EE-0300-11D4-8D3B-444553540000}”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = “1″

Please, be aware that manual removal of User Protection is a cumbersome process and does not always ensure complete deletion of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal User Protection, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Related Articles:

How to remove Windows Protection Suite rogue anti-spyware
How to remove Cyber Protection Center rogue anti-spyware
How to remove Antivirus Protection rogue anti-spyware
How to remove Total Security Protection Center rogue anti-spyware