AdvancedVirusRemover
AdvancedVirusRemover
Found:
2009-06-09
Known system changes:
Created Files
- %Desktop%Advanced Virus Remover.lnk
- %StartMenu%Advanced Virus Remover
- %ApplicationData%Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk
- %System%critical_warning.html
- %StartMenu%Advanced Virus Remover.
- %CommonDesktop%Advanced Virus Remover..lnk
- %ApplicationData%Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.
- %Desktop%Advanced Virus Remover..lnk
Created Folders
- %ProgramFiles%AdvancedVirusRemover
- %CommonProgramFiles%AdvancedVirusRemover
- %ProgramFiles%AdvancedVirusRemover
Registry Entries
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
- Value: DisableTaskMgr
- Data: 1
- Key: HKEY_CURRENT_USER\Software\AVR
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Value: AdvancedVirusRemover
- Data: C:\Program Files\AdvancedVirusRemover\PAVRM.exe
- Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Value: Advanced Virus Remover
- Data: C:\Program Files\AdvancedVirusRemover\PAVRM.exe
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Value: Advanced Virus Remover
- Data: C:\Program Files\AdvancedVirusRemover\PAVRM.exe
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.advancedantivirus-f3b17fcbebec7212112d2fd84341346a
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
- Value: NoChangingWallpaper
- Data: 1
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
- Value: NoActiveDesktopChanges
- Data: 1
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
- Value: NoSetActiveDesktop
- Data: 1
- Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Value: winupdate.exe
- Data: C:\WINDOWS\system32\winupdate.exe