After deep analysis of VANGUARD.EXE file we confidently state that it is harmful one and is worth immediate removal. It is implanted on the vulnerable computer by cyber crooks as a tool for evil plot implementation.
Make sure to regularly check your PC for unknown files presence because they sneak to the targeted PCs invisibly. All PC holders are at the risk group.
The short report of this malware analysis
Full path on a computer: %SysDir%\Vanguard.exeVANGUARD.EXE is known under the name of Trojan.Lypserat
In the process of installation it adds the following registry entries:
HKLM\Software\Microsoft\Active Setup\Installed Components\{51PRH-F2ER3-JV90G-1PXE8-DCQ9E}\StubPath: “%SysDir%\Vanguard.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Vanguard Server: “%SysDir%\Vanguard.exe”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Vanguard Server: “%SysDir%\Vanguard.exe”
The files are caused by this malware
%Temp%\CryptedFile.exe %SysDir%\Vanguard.exe
To neutralize its malicious activity, we recommend you to launch GridinSoft Trojan Killer, a reputable antivirus tool. It will remove this unwanted file and check your computer system for other insecure stuff.
No comments:
Post a Comment