Guard Pro

Guard Pro is a deceptive security application that is distributed by malicious Trojans. Once Guard Pro is installed, it will create a registry entry to automatically execute it whenever Windows is started. Guard Pro will also will also conduct a fake scan of victims' systems, but will not remove any of the detected malware until the victim purchases the "full version" of the application. The numerous infections detected by Guard Pro are fabricated and not to be trusted. Guard Pro may also display pop-up adverts and virus alerts in order to trick users into thinking their computers are seriously infected with malware. Do not pay attention to any warning messages or recommendations to purchase Guard Pro.

File System Details

Guard Pro may create the following file(s):
# File Name Detections
1. %Documents and Settings%\[UserName]\Application Data\Guard Pro\mozcrt19.dll
2. sqlite3.dll
3. %Documents and Settings%\All Users\Application Data\117fc\VH339.exe
4. mozcrt19.dll
5. %Documents and Settings%\[UserName]\Application Data\Guard Pro\sqlite3.dll
6. %Documents and Settings%\[UserName]\Application Data\Guard Pro\BackUp
7. %Documents and Settings%\[UserName]\Application Data\Microsoft\Internet Explorer\Quick Launch\Guard Pro.lnk
8. %Documents and Settings%\[UserName]\Start Menu\Programs\Guard Pro.lnk
9. %Documents and Settings%\All Users\Application Data\VHMELHOOOK
10. %Documents and Settings%\[UserName]\Application Data\Guard Pro\cookies.sqlite
11. %Documents and Settings%\[UserName]\Application Data\Guard Pro\RootLib
12. %Documents and Settings%\[UserName]\Start Menu\Guard Pro.lnk
13. %Documents and Settings%\All Users\Application Data\117fc\VHOOK.ico
14. %Documents and Settings%\[UserName]\Application Data\Guard Pro
15. %Documents and Settings%\[UserName]\Application Data\Guard Pro\Quarantine Items
16. %Documents and Settings%\[UserName]\Desktop\Guard Pro.lnk
17. %Documents and Settings%\All Users\Application Data\117fc
18. %Documents and Settings%\All Users\Application Data\VHMELHOOOK\VHJJOOK.cfg

Registry Details

Guard Pro may create the following registry entry or registry entries:
HKEY_CLASSES_ROOT\trial_ca8cf.DocHostUIHandler
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Guard Pro"
HKEY_CURRENT_USER\Software\3
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1?

Related Posts

Trending

Most Viewed

Loading...