Malware Description:
Explorersecurityhelper.com is not a website dedicated to IE security, as it may sound like. On the contrary, Explorersecurityhelper.com is a malicious domain promoting a yet more hazardous fake anti-spyware application known as Personal Antivirus. The way Explorersecurityhelper.com pushes people into buying PAV rogue is as follows: it stealthily uses trojan viruses to hijack the web browsers on the targeted computer. As a result, your web searches and routine online activities will keep ending up on Explorersecurityhelper.com whether you like it or not. When you hit Explorersecurityhelper.com/block.php, you will see a window whose snapshot is shown below. It’s clear that Explorersecurityhelper.com tries to make it look like the site you are about to visit has been reported as insecure, which is expected to become the stimulus for pushing one of the buttons available on Explorersecurityhelper.com warning sign: Continue Unprotected or Get security software. Too bad both options take you basically nowhere because you will get again redirected to Personal Antivirus fraudulent page – this time, it’s the one meant for purchasing PAV commercial version which is proclaimed to be capable of protecting your PC. Do not get lured by the attractive design of Explorersecurityhelper.com and the adjacent web pages – they aim to get hold of your money and give nothing but a malware program in return. Please, see more information below.

Malware Type: Browser Hijackers

Malware Author: Innovagest2000 SL

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Explorersecurityhelper.com Hijacker Free Scanner and Remover: Download Now

Explorersecurityhelper.com Screenshots:

How to remove Explorersecurityhelper.com hijacker manually:
Manual removal of Explorersecurityhelper.com hijacker and attendant malware is feasible if you have sufficient expertise in dealing with program files, system processes, .dll files and registry entries.

The associated files to be deleted are listed below:

• %Documents and Settings%\All Users\Desktop\Personal Antivirus.lnk
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
• %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
• %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
• %UserProfile%\Application Data\Personal Antivirus
• %UserProfile%\Application Data\Personal Antivirus\settings.ini
• %UserProfile%\Application Data\Personal Antivirus\uill.ini
• %UserProfile%\Application Data\Personal Antivirus\unins000.exe
• %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
• %UserProfile%\Application Data\Personal Antivirus\db
• %UserProfile%\Application Data\Personal Antivirus\db\config.cfg
• %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf
• %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
• %Program Files%\Personal Antivirus
• %Program Files%\Personal Antivirus\activate.ico
• %Program Files%\Personal Antivirus\Explorer.ico
• %Program Files%\Personal Antivirus\PerAvir.exe
• %Program Files%\Personal Antivirus\unins000.dat
• %Program Files%\Personal Antivirus\uninstall.ico
• %Program Files%\Personal Antivirus\working.log
• %Program Files%\Personal Antivirus\db
• %Program Files%\Personal Antivirus\db\DBInfo.ver
• %Program Files%\Personal Antivirus\db\ia080614.db
• %Program Files%\Personal Antivirus\db\ia080618x.db
• %Program Files%\Personal Antivirus\Languages
• %Program Files%\Personal Antivirus\Languages\IAEs.lng
• %Program Files%\Personal Antivirus\Languages\IAFr.lng
• %Program Files%\Personal Antivirus\Languages\IAGer.lng
• %Program Files%\Personal Antivirus\Languages\IAIt.lng
• %WINDOWS%\system32\log.txt
• %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
• %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe

The related registry entries to be removed are as follows:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PrS”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Personal Antivirus”

Please, be aware that manual removal of Explorersecurityhelper.com hijacker is a cumbersome procedure and does not ensure complete deletion of the malware, due to the fact that some files might be hidden or may automatically reanimate themselves afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of Explorersecurityhelper.com hijacker, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.