Threat Database Rogue Anti-Spyware Program Avlab Internet Security XP/Vista/Win 7/Win 8 Antivirus 2015

Avlab Internet Security XP/Vista/Win 7/Win 8 Antivirus 2015

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 2
First Seen: December 22, 2014
OS(es) Affected: Windows

Avlab Internet Security XP/Vista/Win 7/Win 8 Antivirus 2015 Image

Avlab Internet Security XP/Vista/Win 7/Win 8 Antivirus 2015 is a rogue security application with a large number of variants. The fact is that AVlab Internet Security 2015 can change its name and appearance depending on the targeted computer, often altering its name depending on the victim's operating system in order to make its attack more effective. The main purpose of AVlab Internet Security 2015 is to lure inexperienced PC users. To do this, AVlab Internet Security 2015 will try to convince computer users that there are threats present on their machines. AVlab Internet Security 2015 will use a variety of tactics to do this. AVlab Internet Security 2015 is monetized by convincing inexperienced computer users that they need to pay for a 'full version' of AVlab Internet Security 2015. However, since AVlab Internet Security 2015 is a threat infection itself, completely unable to detect or remove threats, PC security researchers strongly advise against paying for this bogus security program. Instead, computer users should use a real anti-virus application to detect and remove AVlab Internet Security 2015 at once.

Some of the many members of the FakeRean family, variants of AVlab Internet Security 2015 include fake security programs with names such as Antivirus 2008, Windows Antivirus 2008, Vista Antivirus 2008, Antivirus Pro 2009, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, PC Clean Pro, XP Home Security 2012, Windows Clear Problems, XP Security 2012, Antivirus PRO 2015.

How AVlab Internet Security 2015 Tries to Steal the Computer Users’ Money

The AVlab Internet Security 2015 tactic is not difficult to understand and has been repeated numerous times for more than a decade. The following are the steps that AVlab Internet Security 2015 and similar rogue security programs may take when trying to get the computer users' money:

  1. AVlab Internet Security 2015 may enter a computer using threat distribution methods. Some of these may include spam email messages, corrupted links, hacked websites or exploit kits.
  2. Once AVlab Internet Security 2015 has entered a computer, AVlab Internet Security 2015 will make harmful changes to the affected PC's settings. These changes allow AVlab Internet Security 2015 to start up automatically when the computer starts up and display error messages that appear to be system notifications.
  3. AVlab Internet Security 2015 will try to convince the victim that the PC is severely infected with threats. Some of the methods AVlab Internet Security 2015 uses to do this include displaying numerous fake error messages, a bogus virus scan with dire results, and purposefully causing system performance problems on the affected PC. For example, AVlab Internet Security 2015 will cause the affected computer to run slowly, interfere with other software, make other programs crash, and prevent computer users from launching certain applications. AVlab Internet Security 2015 will also make it difficult, or impossible, to connect to the Internet or use legitimate security software.
  4. If computer users believe AVlab Internet Security 2015's claims that AVlab Internet Security 2015 is a legitimate security program and try to use AVlab Internet Security 2015 to remove the problems on their computer, AVlab Internet Security 2015 will display additional error messages claiming that it is necessary to pay for a 'full version' of AVlab Internet Security 2015. This has the added risk of allowing the criminals responsible for AVlab Internet Security 2015 to gain access to the computer user's credit card information. Although paying for AVlab Internet Security 2015 may stop some of its most irritating symptoms, it will not remove AVlab Internet Security 2015 from the affected computer, or remove the real problem in any way.

If AVlab Internet Security 2015 is installed on your computer, it should be removed at once. Since AVlab Internet Security 2015 interferes with legitimate security software, it may be necessary to use alternate start-up methods to prevent AVlab Internet Security 2015 from running during start-up. Once AVlab Internet Security 2015 has been bypassed, a reliable security application should be able to remove this rogue security program completely.
Avlab Internet Security Antivirus 2015 Image 2Avlab Internet Security Antivirus 2015 Image 3Avlab Internet Security Antivirus 2015 Image 4

SpyHunter Detects & Remove Avlab Internet Security XP/Vista/Win 7/Win 8 Antivirus 2015

File System Details

Avlab Internet Security XP/Vista/Win 7/Win 8 Antivirus 2015 may create the following file(s):
# File Name MD5 Detections
1. runixbqv.exe 03c68f727557c5627dba0af2707b4df0 2
2. %CommonAppData%\893686b8
3. %LocalAppData%\[RANDOM].exe
4. %LocalAppData%\893686b8
5. %AppData%\893686b8
6. %AppData%\Protector-[RANDOM].exe
7. %AppData%\result.db
8. %UserProfile%\Desktop\Avlab Internet Security 2015.lnk
9. %UserProfile%\Templates\893686b8
10. %AllUsersProfile%\Start Menu\Programs\Avlab Internet Security 2015.lnk

Registry Details

Avlab Internet Security XP/Vista/Win 7/Win 8 Antivirus 2015 may create the following registry entry or registry entries:
HKEY_CLASSES_ROOT\CLSID\[RANDOM NUMBERS]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Shell" = "[SET OF RANDOM CHARACTERS].exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder\[RANDOM WORDS]
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg\[RANDOM WORDS]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM]" = "%LocalAppData%\[RANDOM].exe"

Trending

Most Viewed

Loading...