Home Malware Programs Rogue Anti-Spyware Programs WiniGuard


Posted: October 20, 2008

Threat Metric

Threat Level: 10/10
Infected PCs: 16
First Seen: July 24, 2009
Last Seen: January 10, 2019
OS(es) Affected: Windows

WiniGuard is a fake anti-spyware application that is usually downloaded and installed by a Trojan. WiniGuard is also known to be installed without your permission through a browser security hole or directly from a malicious website that advertises the WiniGuard program. After WiniGuard is installed it starts displaying numerous popups and notifications that are all bogus. This is a poor attempt by WiniGuard to get you to purchase a full version of WiniGuard which will result in your lose of money. WiniGuard is associated with the Zlob Trojan and may be difficult to manually remove in many cases.


WiniGuard [Sunbelt]Mal/Generic-A [Sophos]High Risk Fraudulent Security Program [Prevx1]Generic Trojan [Panda]Trojan:Win32/Insebro.A [Microsoft]Trojan.Win32.Malware.1 [K7AntiVirus]Trojan.Generic [Ikarus]Win32/VMalum.EVXS [eTrust-Vet]Trojan.Fakealert.3829 [DrWeb]Trojan.Insebro.a [CAT-QuickHeal]Trojan.Generic.1245046 [BitDefender]Downloader.Agent.APUE [AVG]TR/Insebro.A [AntiVir]Win-Trojan/Xema.variant [AhnLab-V3]PAK_Generic.001 [TrendMicro]
More aliases (40)

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to WiniGuard may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

cfrog.exe File name: cfrog.exe
Size: 13.31 KB (13312 bytes)
MD5: 6f2e7ae0d178b933f20942ca70ee69e1
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
winiguard_installer[1].exe File name: winiguard_installer[1].exe
Size: 3.46 MB (3467396 bytes)
MD5: 1963a655091d18a2358b9ccfcbcdea6a
Detection count: 52
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
logaes.dll File name: logaes.dll
Size: 30.72 KB (30720 bytes)
MD5: 85bb5ff18b6d809c876e561438e646da
Detection count: 50
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
LinkSave.dll File name: LinkSave.dll
Size: 45.05 KB (45056 bytes)
MD5: 31632e99e78d2d77969b83f8c6e0caa9
Detection count: 41
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009

Registry Modifications

The following newly produced Registry Values are:

Directory%ProgramFiles%\Innovagest 2000 SL\WiniGuard

Additional Information

The following cookies were detected:


  • justin says:

    i deleted all the winigaurd files and the reg files but i am still getting a winigaurd ap pop up saying it detected an infection then it asks if i want winigaurd to take care of it. I also get a pop up saying my memory is low, i think it might have to do with winigaurd. Any suggestions on how to get rid of this?

  • jordan says:

    i made the mistake of downloading this malicious software.
    i tried removing it through the traditional way: by uninstalling it. but it is still in the tray down the bottom right! iv done search after search, but i cannot find the files and programes that are supposed to exist for this software. i have windows vista, un updated because of other problems with the microsoft updates.