Allinonesecurityv.com

Allinonesecurityv.com Description

Allinonesecurityv.com is an untrustworthy security website that promotes the rogue anti-spyware tool Personal Antivirus. With the help of a Trojan, Allinonesecurityv.com is spread. The Trojan will redirect a victim's browser to hit Allinonesecurityv.com. Once Allinonesecurityv.com has been viewed, a scan that looks like a legitimate Windows explorer window will be conducted. The scan will report non-existent malware threats and recommend that the user purchase Personal Antivirus. Allinonesecurityv.com and Personal Antivirus are malicious programs that can be removed with a computer security tool.

Technical Information

File System Details

Allinonesecurityv.com creates the following file(s):
# File Name Detection Count
1 services.exe N/A
2 %UserProfile%\Application Data\Personal Antivirus\unins000.exe N/A
3 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe N/A
4 PersonalAv.exe N/A
5 winlogon.exe N/A
6 %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe N/A
7 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe N/A
8 PerAvir.exe N/A
9 c:\Program Files\Personal Antivirus\PerAvir.exe N/A
10 c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk N/A
11 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk N/A
12 %UserProfile%\Application Data\Personal Antivirus\uill.ini N/A
13 %UserProfile%\Application Data\Personal Antivirus\db\config.cfg N/A
14 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt N/A
15 c:\Program Files\Personal Antivirus\activate.ico N/A
16 c:\Program Files\Personal Antivirus\uninstall.ico N/A
17 c:\Program Files\Personal Antivirus\db\DBInfo.ver N/A
18 c:\Program Files\Personal Antivirus\Languages N/A
19 c:\Program Files\Personal Antivirus\Languages\IAGer.lng N/A
20 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png N/A
21 c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus N/A
22 c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk N/A
23 %UserProfile%\Application Data\Personal Antivirus\settings.ini N/A
24 %UserProfile%\Application Data\Personal Antivirus\db N/A
25 %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf N/A
26 c:\Program Files\Personal Antivirus N/A
27 c:\Program Files\Personal Antivirus\unins000.dat N/A
28 c:\Program Files\Personal Antivirus\db N/A
29 c:\Program Files\Personal Antivirus\db\ia080618x.db N/A
30 c:\Program Files\Personal Antivirus\Languages\IAFr.lng N/A
31 c:\WINDOWS\system32\log.txt N/A
32 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png N/A
33 c:\Documents and Settings\All Users\Desktop\Personal Antivirus.lnk N/A
34 c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk N/A
35 %UserProfile%\Application Data\Personal Antivirus N/A
36 %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk N/A
37 %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf N/A
38 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini N/A
39 c:\Program Files\Personal Antivirus\Explorer.ico N/A
40 c:\Program Files\Personal Antivirus\working.log N/A
41 c:\Program Files\Personal Antivirus\db\ia080614.db N/A
42 c:\Program Files\Personal Antivirus\Languages\IAEs.lng N/A
43 c:\Program Files\Personal Antivirus\Languages\IAIt.lng N/A
44 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png N/A

Registry Details

Allinonesecurityv.com creates the following registry entry or registry entries:
Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine