Windows Guard Pro
Windows Guard Pro is a fake spyware remover hailing from the same family as Ultimate System Guard, Windows Protection Suite, Malware Catcher, and others. The unregistered version of Windows Guard Pro spreads via browser-hijacking methods or through trojans that utilize security exploits in order to infiltrate your PC. Once active and running, Windows Guard Pro displays numerous fake and annoying pop-up windows claiming your computer is infected, or it will report various fabricated results after a counterfeit scan of your system. Either way, Windows Guard Pro will attempt to scare you into purchasing the full version of Windows Guard Pro.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Application Data\9201 2 %Documents and Settings%\All Users\Application Data\9201\1527.mof 3 %Documents and Settings%\All Users\Application Data\9201\mozcrt19.dll 4 %Documents and Settings%\All Users\Application Data\9201\sqlite3.dll 5 %Documents and Settings%\All Users\Application Data\9201\unins000.dat 6 %Documents and Settings%\All Users\Application Data\9201\WindowsGP.exe 7 %Documents and Settings%\All Users\Application Data\9201\WINGP.ico 8 %Documents and Settings%\All Users\Application Data\9201\WINGPSys 9 %Documents and Settings%\All Users\Application Data\9201\WINGPSys\vd952342.bd 10 %Documents and Settings%\All Users\Application Data\WINGPSys 11 %Documents and Settings%\All Users\Application Data\WINGPSys\winpg.cfg 12 %Program Files%\Mozilla Firefox\searchplugins\search.xml 13 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Guard Pro.lnk 14 %UserProfile%\Application Data\Windows Guard Pro 15 %UserProfile%\Application Data\Windows Guard Pro\cookies.sqlite 16 %UserProfile%\Desktop\Windows Guard Pro.lnk 17 %UserProfile%\Start Menu\Programs\Windows Guard Pro.lnk 18 %UserProfile%\Start Menu\Windows Guard Pro.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "787917903"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Windows Guard Pro"HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" => http://search-gala.com/?&uid=7&q={searchTerms}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}HKEY_CLASSES_ROOT\WindowsGP.DocHostUIHandlerHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Windows Guard Pro
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.