AdVPN


Posted: September 2, 2015

Threat Metric

Threat Level: 2/10
Infected PCs: 1,909
First Seen: September 2, 2015
Last Seen: January 22, 2023
OS(es) Affected: Windows

Although it may initially seem to be a reliable and legitimate application, AdVPN has all the distinctive features of a Potentially Unwanted Program (PUP). Like most PUPs, AdVPN is advertised in a way meant to convince users to install it. Its creators describe it as a helpful program that lets its users surf the Web anonymously. The abbreviation VPN means Virtual Private Network, but all that AdVPN does is reroute you through various proxy servers. This process always carries some security risk, as you can never be sure where you will land. You may find yourself on fraudulent pages and platforms that host unreliable or harmful software.

AdVPN is distributed through bundling, which means that it may enter a system stealthily as an add-on to freeware. What is more, if you download this PUP directly, it may attempt to introduce additional questionable tools to your PC.

AdVPN is responsible for intrusive advertisements that may bother you during your browsing sessions. The commercial materials take different shapes, including pop-ups, banners, videos and interstitial ads. Some ads may be cleverly placed into the text of a page. AdVPN affects all of the installed browsers at the same time, including Google Chrome, Mozilla Firefox and Internet Explorer. The PUP may replace your homepage with a low-quality search platform designed to boost traffic to partner sites. AdVPN may be hard to remove manually, so the best way to get rid of it is with an anti-malware program.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

C:\Users\<username>\AppData\Local\Temp\7830064\ic-0.fa927fad85e35.exe
File name: ic-0.fa927fad85e35.exe
Size: 2.91 MB (2915339 bytes)
MD5: 4799909b18c981db5ba980715a72a197
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\AppData\Local\Temp\7830064\ic-0.fa927fad85e35.exe
Group: Malware file
Last Updated: August 17, 2022

Registry Modifications

The following Registry entries were newly created:

HKEY..\..\..\..{RegistryKeys}
SOFTWARE\Microsoft\Tracing\AdVPN_RASAPI32
SOFTWARE\Microsoft\Tracing\AdVPN_RASMANCS
SOFTWARE\Wow6432Node\AdVPN
SOFTWARE\Wow6432Node\Microsoft\Tracing\AdVpnProxyService_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\AdVpnProxyService_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\AdVPN
SYSTEM\ControlSet001\services\AdVPN Service
SYSTEM\ControlSet001\services\AdVpnProxyService
SYSTEM\ControlSet001\services\eventlog\AdVpnServiceLog
SYSTEM\ControlSet002\services\AdVpnProxyService
SYSTEM\ControlSet002\services\eventlog\AdVpnServiceLog
SYSTEM\CurrentControlSet\services\AdVPN Service
SYSTEM\CurrentControlSet\services\AdVpnProxyService
SYSTEM\CurrentControlSet\services\eventlog\AdVpnServiceLog

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
AdVPN
AdVpnProxyService
Alto Cloud Media Ltd. AdVpnProxyService

Additional Information

The following directories were created: