Windows Guard Solutions Description
You should not be fooled by Windows Guard Solutions’ name and appearance; this supposed anti-virus application is really a malware infection that is part of the Rogue:FakeVimes family of malware. Windows Guard Solutions carries out the typical rogue anti-virus scam, using fake error messages to induce panic in its victims. Once the victim believes their computer is infected with malware, Windows Guard Solutions will attempt to convince the victim to purchase a useless upgrade for this fake security program. Windows Guard Solutions impersonates an actual security program and borrows heavily from the interfaces of common security applications. However, trying to use Windows Guard Solutions to fix a malware problem simply results in error messages claiming that an expensive “full version” of Windows Guard Solutions is needed to fix the problems.
While all of this may be annoying, a Windows Guard Solutions infection is often accompanied by other severe problems on the infected computer system. For example, a computer infected with Windows Guard Solutions will often become slow and unresponsive, crash frequently, and have problems connecting to the Internet. Because of this, Windows Guard Solutions should be removed immediately. To do this, ESG security analysts advise using a very strong anti-malware program, preferably with anti-rootkit capabilities.
Taking a Look at the Windows Guard Solutions Scam
The Windows Guard Solutions interface is made to resemble the interface for Microsoft Security Center and other common anti-virus programs. However, beyond Windows Guard Solutions’ capability to display error messages and its authentic-looking interface, ESG security researchers have not detected any actual anti-virus capabilities. The FakeVimes family of rogue anti-virus programs has been active in the wild since 2009 and Windows Guard Solutions belongs to a subdivision of this family released after 2012. Examples of clones of Windows Guard Solutions include Windows Antihazard Center>/a>, Windows Safety Manager and Windows Trojans Sleuth. Belonging to a more modern iteration of the FakeVimes family of malware, these fake security programs are often bundled with a rootkit component that can make their removal difficult. They will also severely decrease the infected computer’s security and cause browser redirects to websites associated with Windows Guard Solutions. Other ways in which the infected computer’s web browser can be affected include problems connecting to the Internet, in particular to websites related to computer security. When attempting to connect to these websites, an error message will be displayed instead.
Type: Rogue AntiSpyware Programs
How Can You Detect Windows Guard Solutions?
Download SpyHunter’s Detection Scanner
to Detect Windows Guard Solutions.
Windows Guard Solutions Technical Report
As new Windows Guard Solutions details are reported by our customers and findings from our Threat Research Center, we will update this section.
Fake message for Windows Guard Solutions:
The following fake error message(s) appears for Windows Guard Solutions:
Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.
Attempt to run a potentially dangerous script detected.
Full system scan is a highly recommended.
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.
‘How Windows Guard Solutions Infects Your Computer’ Video
Windows Guard Solutions Removal Details
Windows Guard Solutions has typically the following processes in memory:
- %AppData%\Inspector-[RANDOM CHARACTERS].exe
Windows Guard Solutions creates the following files in the system:
- %CommonPrograms%\Windows Guard Solutions.lnk
- %DesktopDir%\Windows Guard Solutions.lnk
Windows Guard Solutions creates the following registry entries:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”