InfoGuard

InfoGuard

Found: 
2011-03-01
Description: 

Win32.FraudTool.InfoGuard is a rogue anti-spyware application. It may give exaggerated threat reports on the compromised computer then ask the user to purchase a registered version to remove those reported threats.

Known system changes: 

Files

Folders

%ProgramFiles%\infoguard

RegistryEntries

Key: HKEY_CURRENT_USER\Software\infoguard
Key: HKEY_CURRENT_USER\Software\yinfoguard
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\infoguard
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\infoguard
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Value: infoguardr
Data: "C:\Program Files\infoguard\infoguardrun.exe"