AntivirusPlus

Lavasoft Malware Lab's Rogue Gallery
What's a Rogue?
Latest - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z - Submit a Rogue

AntivirusPlus

Found: 
2008-12-11
Known system changes: 

Created Files

  • %System%avp.id
  • %Windir%system\cmd
  • %Desktop%Antivirus Plus.lnk
  • %Desktop%AntiVirus Plus..lnk
  • %ApplicationData%Microsoft\Internet Explorer\Quick Launch\AntiVirus Plus.
  • %System%dmns.cfg
  • %CommonStartUp%AntiVirus Plus.lnk
  • %ApplicationData%Microsoft\Internet Explorer\Quick Launch\AntiVirus Plus.lnk

Created Folders

  • %ProgramFiles%Antivirus Plus
  • %CommonPrograms%Antivirus Plus
  • %CommonStartMenu%Programs\Antivirus Plus
  • %Desktop%Antivirus Plus.
  • %StartMenu%Programs\AntiVirus Plus

Registry Entries

  • Key: HKEY_CLASSES_ROOT\CLSID\{D032570A-5F63-4812-A094-87D007C23012}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D032570A-5F63-4812-A094-87D007C23012}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\dop.exe
  • Data: C:\WINDOWS\system\dop.exe:*:Enabled:se
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\rundll32.exe
  • Data: C:\WINDOWS\system\rundll32.exe:*:Enabled:rundll32
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\se.exe
  • Data: C:\WINDOWS\system\se.exe:*:Enabled:se
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: se
  • Data: C:\WINDOWS\system\se.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: shell
  • Data: C:\WINDOWS\system\rundll32.exe 00001
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\dop.exe
  • Data: C:\WINDOWS\system\dop.exe:*:Enabled:se
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\rundll32.exe
  • Data: C:\WINDOWS\system\rundll32.exe:*:Enabled:rundll32
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\se.exe
  • Data: C:\WINDOWS\system\se.exe:*:Enabled:se
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: shell
  • Data: C:\WINDOWS\system\rundll32.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: shell
  • Data: C:\WINDOWS\system\kernel32.exe 90001
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: shell
  • Data: C:\WINDOWS\system\rundll32.exe 70100
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_70100.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_70100.exe:*:Enabled:installer
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_70100.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_70100.exe:*:Enabled:installer
  • Key: HKEY_CLASSES_ROOT\CLSID\{B035573A-5F43-4862-A194-87D027C63012}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B035573A-5F43-4862-A194-87D027C63012}
  • Value:
  • Data:
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: shell
  • Data: C:\WINDOWS\system\rundll32.exe 70154
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: svchost
  • Data: C:\WINDOWS\system\svchost.exe
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: AntiVirus Plus
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\AntiVirus Plus.70106.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Value: shell
  • Data: C:\WINDOWS\system\rundll32.exe 1
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\4d27bd17e7ddfc8d1b3434ed7d37ceed.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\4d27bd17e7ddfc8d1b3434ed7d37ceed.exe:*:Enabled:rundll32
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_1.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_1.exe:*:Enabled:installer *
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\svchost.exe
  • Data: C:\WINDOWS\system\svchost.exe:*:Enabled:svchost
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\4d27bd17e7ddfc8d1b3434ed7d37ceed.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\4d27bd17e7ddfc8d1b3434ed7d37ceed.exe:*:Enabled:rundll32
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_1.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\installer_1.exe:*:Enabled:installer *
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\WINDOWS\system\svchost.exe
  • Data: C:\WINDOWS\system\svchost.exe:*:Enabled:svchost
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\fraudtool.win32.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\fraudtool.win32.exe:*:Enabled:rundll32
  • Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
  • Value: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\fraudtool.win32.exe
  • Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\fraudtool.win32.exe:*:Enabled:rundll32
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: AntiVirus Plus
  • Data: C:\Program Files\AntiVirus Plus\AntiVirus Plus.1.exe

Lavasoft is the maker of Ad-Aware, the world's most popular anti-malware software with over 450 million downloads.
© 2023 Lavasoft. All rights reserved.
Terms Of Use |   Privacy Policy


x

Our best antivirus yet!

Fresh new look. Faster scanning. Better protection.

Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

Download adaware antivirus 12
No thanks, continue to lavasoft.com
close x

Discover the new adaware antivirus 12

Our best antivirus yet

Download Now