Antiviruspowerfulscanv2.com
Antiviruspowerfulscanv2.com is a rogue website promoting the fake spyware remover called Personal Antivirus. Affiliated trojans infiltrate the system through security exploits in order to alter browser settings, causing redirection of web-surfing activities to the antiviruspowerfulscanv2.com domain. Here the compromised machine is subject to a false online scan that will typically report fabricated infection threats in order to intimidate the user into purchasing and installing the rogue anti-spyware program Personal Antivirus.
File System Details
Antiviruspowerfulscanv2.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe | |
| 2. | %UserProfile%\Application Data\Personal Antivirus\unins000.exe | |
| 3. | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe | |
| 4. | %Program Files%\Personal Antivirus\PerAvir.exe | |
| 5. | %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe | |
| 6. | %Program Files%\Personal Antivirus\unins000.dat | |
| 7. | %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus | |
| 8. | %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk | |
| 9. | %UserProfile%\Application Data\Personal Antivirus\settings.ini | |
| 10. | %UserProfile%\Application Data\Personal Antivirus\db | |
| 11. | %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf | |
| 12. | %Program Files%\Personal Antivirus | |
| 13. | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png | |
| 14. | %Program Files%\Personal Antivirus\db | |
| 15. | %Program Files%\Personal Antivirus\db\ia080618x.db | |
| 16. | %Program Files%\Personal Antivirus\Languages\IAFr.lng | |
| 17. | %Program Files%\Personal Antivirus\Explorer.ico | |
| 18. | %Documents and Settings%\All Users\Desktop\Personal Antivirus.lnk | |
| 19. | %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk | |
| 20. | %UserProfile%\Application Data\Personal Antivirus | |
| 21. | %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk | |
| 22. | %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf | |
| 23. | %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini | |
| 24. | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png | |
| 25. | %Program Files%\Personal Antivirus\working.log | |
| 26. | %Program Files%\Personal Antivirus\db\ia080614.db | |
| 27. | %Program Files%\Personal Antivirus\Languages\IAEs.lng | |
| 28. | %Program Files%\Personal Antivirus\Languages\IAIt.lng | |
| 29. | %Program Files%\Personal Antivirus\activate.ico | |
| 30. | %Program Files%\Personal Antivirus\uninstall.ico | |
| 31. | %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk | |
| 32. | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk | |
| 33. | %UserProfile%\Application Data\Personal Antivirus\uill.ini | |
| 34. | %UserProfile%\Application Data\Personal Antivirus\db\config.cfg | |
| 35. | %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt | |
| 36. | %WINDOWS%\system32\log.txt | |
| 37. | %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png | |
| 38. | %Program Files%\Personal Antivirus\db\DBInfo.ver | |
| 39. | %Program Files%\Personal Antivirus\Languages | |
| 40. | %Program Files%\Personal Antivirus\Languages\IAGer.lng |
Registry Details
Antiviruspowerfulscanv2.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS"
