GuardBytes Plus
Posted: December 10, 2014
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 9 |
First Seen: | December 10, 2014 |
---|---|
OS(es) Affected: | Windows |
GuardBytes Plus is a rogue anti-malware scanner based on the FakeRean template. This family of scamware is noteworthy for providing different skins for new brand names and referencing different versions of Windows. Although it includes a new appearance, GuardBytes Plus shows few 'under the hood' modifications from prior rogue software from its family. However, GuardBytes Plus still can mislead its victims with its fake security scans, pop-up alerts and file blocking attacks. Infected PCs should be scanned with anti-malware utilities from within a sterile environment to uninstall GuardBytes Plus and any other threats.
A Byte-Based Guard over Unlawful Incomes
GuardBytes Plus is a new change to previous templates based on the fraudulent anti-malware features of the FakeRean family such as Antivirus 2008 Pro, Antivirus XP 2008, Windows Antivirus 2008, Vista Antivirus 2008, PC Clean Pro, Antivirus Pro 2009, Rogue.Vista Antivirus 2008, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, XP Security 2012, XP Home Security 2012 and AntiVirus PRO 2015. Its skin promotes GuardBytes Plus as a new security product capable of identifying threats. In direct contrast to these aesthetics, GuardBytes Plus is unaffiliated with any real security company and has no real security functions.
GuardBytes Plus's most visible effects include a range of diverse, fraudulent system alerts, and its ability to mimic the system scans of real anti-malware products. While GuardBytes Plus may identify various threats by their technical names, GuardBytes Plus doesn't attempt to identify any actual infections on the host PC, and can't remove real threatening software of any type.
Malware experts also linked other attacks to GuardBytes Plus, including both other attempts at fraud and a variety of anti-security functions:
- GuardBytes Plus may modify your ability to launch other program files in ways that redirect you to more pop-up alerts.
- GuardBytes Plus may hijack multiple brands of Web browsers and block your access to various sites, including the domains of PC security companies.
- GuardBytes Plus may display a modified version of the Windows Security Center that includes false information promoting its services.
- Other programs also may be blocked automatically, including Windows security tools like wuauserv (the Windows Update manager).
GuardBytes Plus requests the payment of its registration fee before GuardBytes Plus can remove any threats that supposedly are causing the above issues, despite their actually originating from GuardBytes Plus, itself.
When Defending Your PC and Your Income Intersect
GuardBytes Plus's explicit attempt at fraud makes it obvious that PC users will need to continue to exercise vigilance over their machines if they want to avoid being lured into paying for a non-functional product. Although none of GuardBytes Plus's attacks are irreversible, GuardBytes Plus is likely to take steps to prevent you from deleting GuardBytes Plus or using legitimate security tools, as long as GuardBytes Plus is active. As a direct solution to such attacks, malware experts can recommend booting your PC through removable devices or using built-in security features like Safe Mode, which can disable GuardBytes Plus outright. Afterward, you can proceed with deleting GuardBytes Plus with the anti-malware tools of your choice.
In spite of the disruptive nature of its attacks, there's nothing to gain by purchasing GuardBytes Plus's registered version, and both money and sensitive information usually are lost in the process of doing so. If you're in a position of questioning the legitimacy of a security application, malware experts suggest that you trace the history of the brand name. You also can watch for all of the standard symptoms of scamware, as noted at length in this text.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%LOCALAPPDATA%\dtnlfnti.exe
File name: dtnlfnti.exeSize: 91.13 KB (91136 bytes)
MD5: dca219ee65cbe005a91ecd4ff96dddf5
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: December 10, 2014
Additional Information
# | Message |
---|---|
1 | GuardBytes Plus has blocked a program from accessing the internet - This program is infected with Trojan-BNK.Win32.Keylogger.gen Private data can be stolen by third parties, including credit card details and passwords |
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.