Internet Security Guard is a rogue of the FakeVimes Family which replaces the Home Security Solutions.
The rogue uses the scare tactics of generating pop up fake alerts to get the users infected to purchase the rogue.
The FakeVimes rogues also hijacks the hosts file and sets a proxy in the Internet Options, Connections, Lan Settings which is used for Search Engine Results hijacking.
The FakeVimes family has also included in the registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options, hundreds of entries of the different legitimate Antivirus companies executable files to block them from being able to be ran.
Files and Locations:
%ALLUSERSPROFILE%\<Random Named Folder>
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.exe
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.ico
%ALLUSERSPROFILE%\<Random Named folder>\Quarantine Items
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.cfg
%APPDATA%\ Internet Security Guard\Instructions.ini
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\ Internet Security Guard.lnk
There are ways of removing this manually, but we recommend using our malware removal tool, VIPRE Antivirus. You can download a free trial to remove Internet Security Guard from your PC for no cost by clicking on the link below:
http://www.vipreantivirus.com/Antivirus-Trial/VIPRE-Antivirus/
If you are unable to download and install our malware removal tool because the rogue has infected your PC and is not allowing you to install the program, you can use our VIPRE Rescue Disc here:
1 comment
That’s scary. These hijackers should stop creating these malwares.