Home Malware Programs Rogue Anti-Spyware Programs iON Internet Security

iON Internet Security

Posted: April 9, 2013

Threat Metric

Threat Level: 10/10
Infected PCs: 169
First Seen: April 9, 2013
Last Seen: May 2, 2022
OS(es) Affected: Windows

iON Internet Security Screenshot 1iON Internet Security is a fake anti-malware scanner that detects legitimate names for PC threats such as worms and backdoor Trojans, but detects them regardless of whether or not they really are on your computer. Similar to scamware products like the unrelated System Care Antivirus or Vista AntiMalware 2010, iON Internet Security continues to interfere with your PC usage and detect fake threats until you pay for its registration – a process SpywareRemove.com malware researchers explicitly do not recommend as a way of resolving an iON Internet Security infection. Because iON Internet Security is incapable of fulfilling the functions that it claims to have and can interfere with the legitimate security functions of other programs, you should remove iON Internet Security with an actual anti-malware product whenever you find it installed on your computer.

iON Internet Security: the Anti-Virus Charge that Will Leave Your PC Sizzling

iON Internet Security is designed to look, but not act like an actual anti-malware scanner, with a fake system scan that displays predesignated lists of fake threats and a variety of inaccurate system alerts (such as pop-ups warning about the attempted theft of your personal information). SpywareRemove.com malware analysts' current review of iON Internet Security's fake anti-malware capabilities notes that iON Internet Security's pop-ups are worded with an unlikely level of informality that makes them unconvincing as actual system alerts. However, by contrast, iON Internet Security's system scans appear to use technical malware identifications (such as ZeroAccess.gb) that actually are used by various legitimate security companies.

iON Internet Security launches with Windows and will display these pop-ups and scans automatically. Other attacks by iON Internet Security and related PC threats may include browser hijacks to redirect your browser to hostile websites, as well as attempts to block other programs. Since SpywareRemove.com malware research team has failed to uncover any legitimate security functions linked to iON Internet Security, spending money on registering iON Internet Security (even in an attempt to uninstall or disable iON Internet Security) never should be attempted.

The Security Software that You Can Trust to Take Care of iON Internet Security

While iON Internet Security may resemble a legitimate anti-malware program externally, internally, iON Internet Security is no different from any other rogue AV product, and as such, iON Internet Security should be considered dangerous to your PC whenever its presence is confirmed. iON Internet Security will refuse to be uninstalled by the methods that would work on legitimate software, but real anti-malware applications shouldn't experience many obstacles in deleting iON Internet Security during a basic anti-malware scan.

In some cases, iON Internet Security or other PC threats may prevent you from using any anti-malware products that could disinfect your PC. To solve this blockade as quickly as possible, SpywareRemove.com malware experts generally recommend booting into Safe Mode or, if it's required, booting from a flash drive.

Aliases

Suspicious file [Panda]Mal/Sinowa-A [Sophos]MalCrypt.Indus! [Comodo]Backdoor.Win32.ZAccess.bvpw [Kaspersky]Generic Trojan [Panda]PSW.Banker.61.AI [AVG]Trojan-PWS.Banker.61 [Ikarus]Spyware/Win32.Bancos [AhnLab-V3]UnclassifiedMalware [Comodo]Win32:VB-PYB [Avast]a variant of Win32/Spy.Bancos.NPA [NOD32]Generic PWS.y!ctg [McAfee]Trj/CI.A [Panda]Generic32.WTV [AVG]W32/Foreign.AVWI!tr [Fortinet]
More aliases (36)

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%WINDIR%\Help\gbi.exe File name: gbi.exe
Size: 40.96 KB (40960 bytes)
MD5: 6a6cbe5193d829092be2e3ffddc95525
Detection count: 97
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\Help
Group: Malware file
Last Updated: April 10, 2013
394f19cb7fcf6dea4d9f10215b6fa25f File name: 394f19cb7fcf6dea4d9f10215b6fa25f
Size: 50.17 KB (50176 bytes)
MD5: 394f19cb7fcf6dea4d9f10215b6fa25f
Detection count: 74
Group: Malware file
Last Updated: April 10, 2013
13b85a92e4466b4454b235d765876320 File name: 13b85a92e4466b4454b235d765876320
Size: 320.01 KB (320012 bytes)
MD5: 13b85a92e4466b4454b235d765876320
Detection count: 72
Group: Malware file
Last Updated: April 10, 2013
bf37091630764b6d75364da2c6c9ca1b File name: bf37091630764b6d75364da2c6c9ca1b
Size: 518.14 KB (518144 bytes)
MD5: bf37091630764b6d75364da2c6c9ca1b
Detection count: 22
Group: Malware file
Last Updated: April 10, 2013
%AppData%\Microsoft\Protect\SysInit.exe File name: %AppData%\Microsoft\Protect\SysInit.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{RegistryKeys}Software\Microsoft\Windows\CurrentVersion\Run\SysInitHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SysInit" = "%AppData%\Microsoft\Protect\SysInit.exe"

Additional Information

The following messages's were detected:
# Message
1Warning! Your computer is infected!
Highly possible that you may lose all the data.
Your personal data can get to third parties and all your files can be removed during the day and you can have other problems.

Loading...