Guard Pro
Guard Pro is a dangerous program that will disguise as computer security protection software. Guard Pro spreads typically over the Internet and promoted on its own fake security web sites. This web site is equipped with a malicious script that will instantly download and install Guard Pro on visitor’s computer. When installed successfully, Guard Pro virus will display fake warning messages. A fake Guard Pro virus scanner will also start automatically. It scans the system and exhibits numerous threats. Then it prompts users to remove these threats but will proceed after payment to registration key has made. Hitting the “remove” button from Guard Pro’s console will redirect user to a payment websites where a fraudulent transaction will take place.
After spending for this useless program, the threat persists and the removal of from Guard Pro is still impossible. Guard Pro is the real threat that exists on computer that must be dealt with great concern. To remove Guard Pro, you can use a combination of legitimate free anti-malware and antivirus tool. This will not only remove Guard Pro, but also infected files and registry entries related to it.
Screen Shot Image:
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
[expand title="Show More Details" swaptitle="Hide Details"]
Characteristics (Analysis)
Guard Pro is a fake security application. Rogues are not like Trojans and viruses that reproduce once it infects the system. Guard Pro usually spreads by means of Trojan infection. Once inside the computer, it alters system and Internet browser’s settings. This rogue runs automatically every time Windows starts by adding the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Guard Pro” “VH339.exe”(or random characters[.exe])
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Guard Pro"
HKEY_CURRENT_USER\Software\3
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\trial_ca8cf.DocHostUIHandler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
Associated Files and Folders:C:\Documents and Settings\All Users\Application Data\221gv C:\Documents and Settings\All Users\Application Data\221gv\VH339.exe C:\Documents and Settings\All Users\Application Data\221gv\VHOOK.ico C:\Documents and Settings\All Users\Application Data\VHMELHOOOK C:\Documents and Settings\All Users\Application Data\VHMELHOOOK\VHJJOOK.cfg %UserProfile%\Application Data\Guard Pro %UserProfile%\Application Data\Guard Pro\cookies.sqlite %UserProfile%\Application Data\Guard Pro\mozcrt19.dll %UserProfile%\Application Data\Guard Pro\sqlite3.dll %UserProfile%\Application Data\Guard Pro\BackUp %UserProfile%\Application Data\Guard Pro\Quarantine Items %UserProfile%\Application Data\Guard Pro\RootLib %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Guard Pro.lnk %UserProfile%\Desktop\Guard Pro.lnk %UserProfile%\Start Menu\Guard Pro.lnk %UserProfile%\Start Menu\Programs\Guard Pro.lnk
How to Remove Guard Pro
1. Kill any running process that belongs to Guard Pro.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for the following files and click End Task.
VH339.exe
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit. This will open registry editor.
- Find and delete the following:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Guard Pro"
- Close registry editor. Changes made will be save automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please Update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
4. Delete all files dropped by Guard Pro.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Associated Files and Folders.'
Comments and Suggestions
On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to Guard Pro payment refund or lost serial key, kindly check the FAQ for rogue program first.
Disclaimer:
Read our article disclaimer about Guard Pro.