Program:Win32/TopGuide

Program:Win32/TopGuide has been first recorded in December 2012, but can be recognized much faster by such older alias malware as Application/BoontyGames, Downloader.MisleadApp, and Win32.SuspectCrc!IK. This cyber criminal’s program is a browser helper object (BHO), which will be used to monitor your activities in the Web. Collected data on your search results, duration of time spent on specific sites and other browsing habits could then be used to flood your system with advertisements, selected accordingly to your needs. Do not even think that cyber criminals, sending these ads, will offer you anything useful, and if you decide to follow online purchase instructions, you could loose your money, disclose personal details, or even acquire more dangerous malware. An example of such malignant software is fake antispyware XP SecurityCenter, which will present with various, fictitious security notifications:

System Warning!
Self-restoring Trojan virus that can lead to total system crash has been detected on your PC. Click here to remove this harmful virus immediately with the latest version of XP SecurityCenter.

Warning!
XP SecurityCenter has found [XX] useless and UNWANTED files on your computer!
You need to register XP Security Center to clean unwanted files found. Click “register now” button below to obtain the license key and remove useless or compromising material from your PC.

Overall, Program:Win32/TopGuide cannot propagate itself, and it is highly likely to have your Windows attacked by this malignant application via infected CDs, USB drives, spam email attachments, IRC protocols or unreliable file sharing sites. Once inside a computer, the malignant program will be controlled by various malignant components, including those with randomly generated names, like PZnVIgKoWWgqhbl.exe. You should also be careful of cloaked malware files Boonty.exe and SmartTool.exe, as these two executables are most dangerous, and can be extremely harmful. SmartTool.exe can delete system’s processes, modify registry keys, link your system to remote servers, and Boonty.exe can steal information from autoexec.bat files, system’s contact databases. This executable is polymorphic, which could make it impossible for you to detect and remove Program:Win32/TopGuide as a whole.

Additionally, the dangerous BHO can monitor Internet Explorer openings, which would allow unauthorized redirections to websites selling products, ascertained by previously collected personal information. See a few examples of websites, which could be used to redirect you to purchase bogus products:

akmall.com/search/
.enuri.com/view
academic.naver.com
club.cyworld.com
hankyung.com
kr.blog.yahoo.com

You should rush to delete Program:Win32/TopGuide from your operating Windows system, because this dangerous browser helper object could breach your privacy and allow invasion of more treacherous malware. It might seem impossible to remove an infection, which does not have an interface, but you must do it right away! So, install automatic removal tools or delete the infection manually, and remember that you should choose a task appropriate to your previous experience.