XPPoliceAntivirus
XPPoliceAntivirus
Found:
2009-01-28
Known system changes:
Created Files
- %Desktop%XP Police Antivirus.lnk
- %StartMenu%XP Police Antivirus.lnk
- %Desktop%XP Police Antivirus..lnk
Created Folders
- %ProgramFiles%XPPoliceAntivirus
Registry Entries
- Key: HKEY_CLASSES_ROOT\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}
- Value:
- Data:
- Key: HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Control Panel\don't load
- Value: scui.cpl
- Data: No
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
- Value: DisableRegistryTools
- Data: 1
- Key: HKEY_CURRENT_USER\Software\XP Police Antivirus
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Value: PoliceAV
- Data: C:\Program Files\XPPoliceAntivirus\xppolice.exe
- Key: HKEY_CLASSES_ROOT\CLSID\{b6b571fb-b71d-449c-ad70-82e966328795}
- Value:
- Data:
- Key: HKEY_CLASSES_ROOT\TypeLib\{16406580-14CE-4441-B904-AD56CC8064CA}
- Value:
- Data:
- Key: HKEY_CLASSES_ROOT\WinApp.WinSafe
- Value:
- Data:
- Key: HKEY_CLASSES_ROOT\WinApp.WinSafe.1
- Value:
- Data:
- Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6b571fb-b71d-449c-ad70-82e966328795}
- Value:
- Data:
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
- Value: DisableTaskMgr
- Data: 1
- Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Value: PoliceAV
- Data: C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\fe3700b340ca47362573c9200a8976d4.exe