Allinonesecurityv.com Description
Allinonesecurityv.com is an untrustworthy security website that promotes the rogue anti-spyware tool Personal Antivirus. With the help of a Trojan, Allinonesecurityv.com is spread. The Trojan will redirect a victim's browser to hit Allinonesecurityv.com. Once Allinonesecurityv.com has been viewed, a scan that looks like a legitimate Windows explorer window will be conducted. The scan will report non-existent malware threats and recommend that the user purchase Personal Antivirus. Allinonesecurityv.com and Personal Antivirus are malicious programs that can be removed with a computer security tool.
Technical Information
File System Details
Allinonesecurityv.com creates the following file(s):
| # | File Name | Detection Count |
|---|---|---|
| 1 | services.exe | N/A |
| 2 | %UserProfile%\Application Data\Personal Antivirus\unins000.exe | N/A |
| 3 | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe | N/A |
| 4 | PersonalAv.exe | N/A |
| 5 | winlogon.exe | N/A |
| 6 | %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe | N/A |
| 7 | %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe | N/A |
| 8 | PerAvir.exe | N/A |
| 9 | c:\Program Files\Personal Antivirus\PerAvir.exe | N/A |
| 10 | c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk | N/A |
| 11 | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk | N/A |
| 12 | %UserProfile%\Application Data\Personal Antivirus\uill.ini | N/A |
| 13 | %UserProfile%\Application Data\Personal Antivirus\db\config.cfg | N/A |
| 14 | %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt | N/A |
| 15 | c:\Program Files\Personal Antivirus\activate.ico | N/A |
| 16 | c:\Program Files\Personal Antivirus\uninstall.ico | N/A |
| 17 | c:\Program Files\Personal Antivirus\db\DBInfo.ver | N/A |
| 18 | c:\Program Files\Personal Antivirus\Languages | N/A |
| 19 | c:\Program Files\Personal Antivirus\Languages\IAGer.lng | N/A |
| 20 | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png | N/A |
| 21 | c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus | N/A |
| 22 | c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk | N/A |
| 23 | %UserProfile%\Application Data\Personal Antivirus\settings.ini | N/A |
| 24 | %UserProfile%\Application Data\Personal Antivirus\db | N/A |
| 25 | %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf | N/A |
| 26 | c:\Program Files\Personal Antivirus | N/A |
| 27 | c:\Program Files\Personal Antivirus\unins000.dat | N/A |
| 28 | c:\Program Files\Personal Antivirus\db | N/A |
| 29 | c:\Program Files\Personal Antivirus\db\ia080618x.db | N/A |
| 30 | c:\Program Files\Personal Antivirus\Languages\IAFr.lng | N/A |
| 31 | c:\WINDOWS\system32\log.txt | N/A |
| 32 | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png | N/A |
| 33 | c:\Documents and Settings\All Users\Desktop\Personal Antivirus.lnk | N/A |
| 34 | c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk | N/A |
| 35 | %UserProfile%\Application Data\Personal Antivirus | N/A |
| 36 | %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk | N/A |
| 37 | %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf | N/A |
| 38 | %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini | N/A |
| 39 | c:\Program Files\Personal Antivirus\Explorer.ico | N/A |
| 40 | c:\Program Files\Personal Antivirus\working.log | N/A |
| 41 | c:\Program Files\Personal Antivirus\db\ia080614.db | N/A |
| 42 | c:\Program Files\Personal Antivirus\Languages\IAEs.lng | N/A |
| 43 | c:\Program Files\Personal Antivirus\Languages\IAIt.lng | N/A |
| 44 | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png | N/A |
Registry Details
Allinonesecurityv.com creates the following registry entry or registry entries:
Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine