Windows Security Tutorials - Herong's Tutorial Examples
Dr. Herong Yang, Version 3.00

Antivirus System PRO

This chapter provides some notes on removing an Antivirus System PRO infection. Topics include the Antivirus System PRO fake security alert; the malicious programs sysguard.exe and iehelper.dll; and the related backdoor trojans pp10.exe and ld12.exe.

Antivirus System PRO - Fake Security Alert

Antivirus System PRO - Task Bar Icon Message

Malicious Program - WinSpywareProtect sysguard.exe

Malicious Programs - pp10.exe and ld12.exe

IE BHO - iehelper.dll

Faked Host Name - 209.44.111.62

Malicious System Service - drv.dll and drv.sys

Conclusion:

  • Antivirus System PRO can infect local systems through malicious Websites.
  • Antivirus System PRO uses fake security alerts to scare users into purchasing this program.
  • Antivirus System PRO uses fake host names, like surety.microsoft.com, linking to IP address 209.44.111.62.
  • Antivirus System PRO installs two files: %SYSTEMROOT%\sysguard.exe and %SYSTEMROOT%\system32\iehelper.dll.
  • Antivirus System PRO may be bundled with other malicious programs, such as pp10.exe, ld12.exe, drv.dll, etc.

Dr. Herong Yang, updated in 2013