Jan 25

Malware Protection Center Rogue of the FakeVimes Family

Malware Protection Center is a rogue of the FakeVimes Family which replaces the Home Security Solutions.

The rogue uses the scare tactics of generating pop up fake alerts to get the users infected to purchase the rogue.

The FakeVimes rogues also at times hijacks the hosts file and sets a proxy in the Internet Options, Connections, Lan Settings which is used for Search Engine Results hijacking.

The FakeVimes family has also included in the registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options, hundreds of entries of the different legitimate Antivirus companies executable files to block them from being able to be ran.

Malware Protection Center GUI

Files and Locations:
%ALLUSERSPROFILE%\<Random Named Folder>
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.exe
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.ico
%ALLUSERSPROFILE%\<Random Named folder>\Quarantine Items
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.cfg
%APPDATA%\ Internet Security Guard\Instructions.ini
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\ Internet Security Guard.lnk

There are ways of removing this manually, but we recommend using our malware removal tool, VIPRE Antivirus. You can download a free trial to remove Malware Protection Centerfrom your PC for no cost by clicking on the link below:


If you are unable to download and install our malware removal tool because the rogue has infected your PC and is not allowing you to install the program, you can use our VIPRE Rescue Disc here:


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>