AdvancedVirusRemover

Found: 2009-06-09
Known system changes: 

Created Files

  • %Desktop%Advanced Virus Remover.lnk
  • %StartMenu%Advanced Virus Remover
  • %ApplicationData%Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk
  • %System%critical_warning.html
  • %StartMenu%Advanced Virus Remover.
  • %CommonDesktop%Advanced Virus Remover..lnk
  • %ApplicationData%Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.
  • %Desktop%Advanced Virus Remover..lnk

Created Folders

  • %ProgramFiles%AdvancedVirusRemover
  • %CommonProgramFiles%AdvancedVirusRemover

Registry Entries

  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
    Value: DisableTaskMgr
    Data: 1
  • Key: HKEY_CURRENT_USER\Software\AVR
    Value:
    Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Value: AdvancedVirusRemover
    Data: C:\Program Files\AdvancedVirusRemover\PAVRM.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Value: Advanced Virus Remover
    Data: C:\Program Files\AdvancedVirusRemover\PAVRM.exe
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Value: Advanced Virus Remover
    Data: C:\Program Files\AdvancedVirusRemover\PAVRM.exe
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.advancedantivirus-f3b17fcbebec7212112d2fd84341346a
    Value:
    Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
    Value: NoChangingWallpaper
    Data: 1
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    Value: NoActiveDesktopChanges
    Data: 1
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    Value: NoSetActiveDesktop
    Data: 1
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Value: winupdate.exe
    Data: C:\WINDOWS\system32\winupdate.exe