1. Symantec/
  2. Security Response/
  3. AdvancedXPFixer

AdvancedXPFixer

Updated:
May 22, 2008 12:54:07 PM
Type:
Misleading Application
Name:
AdvancedXPFixer
Version:
2.1.0.1
Publisher:
AdvancedXPFixer.com
Risk Impact:
Medium
Systems Affected:
Windows
Behavior
The program must be manually installed. It can be downloaded from the following location:
AdvancedXPFixer.com

The program reports false or exaggerated system security threats on the computer.





The user is then prompted to pay for a full license of the application in order to remove the errors.





Installation
When the program is executed, it creates the following folder:
%UserProfile%\Application Data\AXPFixer

It then creates the following files:
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AXPFixer.lnk
  • C:\Documents and Settings\All Users\Desktop\AXPFixer.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced XP Fixer\Advanced XP Fixer.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced XP Fixer\How to Register Advanced XP Fixer.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced XP Fixer\License Agreement.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced XP Fixer\Register Advanced XP Fixer.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced XP Fixer\Uninstall.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Advanced XP Fixer.lnk
  • %ProgramFiles%\AXPFixer\AXPFixer.exe
  • %ProgramFiles%\AXPFixer\AXPFixer.exe.local
  • %ProgramFiles%\AXPFixer\AXPFixerSkin.dll
  • %ProgramFiles%\AXPFixer\database.dat
  • %ProgramFiles%\AXPFixer\license.txt
  • %ProgramFiles%\AXPFixer\MFC71.dll
  • %ProgramFiles%\AXPFixer\MFC71ENU.DLL
  • %ProgramFiles%\AXPFixer\msvcp71.dll
  • %ProgramFiles%\AXPFixer\msvcr71.dll
  • %ProgramFiles%\AXPFixer\Uninstall.exe


Next, the program creates the following registry entry so that it executes whenever Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"AXPFixer" = "C:\Program Files\AXPFixer\AXPFixer.exe"


It also creates the following registry subkeys:
  • HKEY_LOCAL_MACHINE\SOFTWARE\AXPFixer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AXPFixer

Similar Security Risks
WinIFixer

Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube