I'm throwing this up because it's something I ran into and I've found nothing on Google about it.
Threat Capability/intent:
Unknown
Affected OSes:
Windows 7 x64 (confirmed, but likely all versions of Windows)
Description:
Randomly, a popup occurs that says "Warning your computer is at risk of malware attacks". This popup appears to be triggered by Internet Explorer going to a new page. This can be any page, even known good ones. Clicking "Ok" shoots you to www1.simpleguardinsentinel.ln. The page instantly shows a status of a "scan" going through your hard drive.
Resident Files:
While there may be a program resident on the computer somewhere, I have yet to find it. Files are likely protected from searches in Windows. Searching the registry reveals at least 3 registry entries. Deleting these entries appears to at least temporarily disable the malware.
Further Data Needed:
Searches of affected file system in Linux.
Further data on registry entries.
Further data on reaction of deleted registry entries/files (if applicable) (number of reboots for return).
Notes:
If there is a better place to post this, please point me to it.
Unfortunately I made the mistake of killing it before I fully examined it.
I do not know exactly where I picked it up initially, but will look to catch it again under a controlled environment unless further guidance is found. I want to say I accidentally clicked an advertisement that I thought was a news article.