Antivirus IS

From Wiki-Security, the free encyclopedia of computer security

Antivirus IS Information
Type: Spyware
Analysis: Installs & gathers info from a PC without user permission.
Infection: By downloading freeware & shareware.
Symptoms: Changes PC settings, excessive popups & slow PC performance.
Detection Tool: >>> Download SpyHunter's Spyware Scanner <<<

SpyHunter's spyware scanner is intended to quickly scan and identify spyware on your PC. If you wish to eliminate spyware from your PC and prevent future spyware attacks, we recommend you buy SpyHunter's spyware removal tool, which includes full technical support and a Spyware HelpDesk to tackle spyware that is uniquely affecting your PC.
IE Alert:

If you are using Internet Explorer and can not download SpyHunter, please use a different browser like Firefox or Chrome.

Antivirus IS is a very dangerous rogue anti-virus program. Aside from the fact that it seriously disrupts your ability to use your computer, Antivirus IS is also part of a wide-spread Internet scam. Antivirus IS infections began cropping up in September 2010, but it is from an existing family of rogue anti-malware applications that include Antivirus Soft and Security Suite.

What is Antivirus IS' Behavior?

Most of the time, Antivirus IS will show up on an infected system without warning. One day, you turn on the computer, only to find that some antivirus program you've never heard of is running a scan. This is because once Antivirus IS makes its way onto your computer it will edit the registry so that it runs when Windows starts. Then, of course, the phony “scan” that it will run every time will report a long list of threats that it encountered on your computer. If you look carefully, you will find that most of the dangerous files listed are nonexistent, and the rest are legitimate, harmless Windows components. Antivirus IS will always prompt you to purchase the “licensed” version of its software, or to pay to “activate” it, although Antivirus IS is not a real anti-virus software and cannot actually do anything for you once you pay for it.

Antivirus IS also uses a lot of what are usually called “nag screens,” which are pop-ups that it will create in order to scare you and annoy you. These pop-ups will all claim that your computer is under attack, and in particular, some of them will claim that the threat is "Win32/Nuqel.E" or that there is an “Infiltration Alert.” All of these pop-up warnings will also say that in order to protect your computer from the supposed threat, you must pay for an activated copy of Antivirus IS.

Antivirus IS will typically prevent you from opening any other program, aside from web browsers. It will show an error message saying that whatever program you're trying to open is infected with a serious virus. Antivirus IS can't be shut down through the Task Manager, since it will prevent you from opening the Task Manager in the same way as it prevents you from opening any other program. Antivirus IS only allows web browsers to open, because it can then hijack them, and direct you to its own malicious websites. All of this, everything that Antivirus IS does, is intended to scare you into thinking you have no choice but to pay the money it demands. If you don't  believe the claims that Antivirus IS makes about needing to clean your system of threats, then you still might believe that paying the ransom is the only choice you have to gain control of your computer. (Unfortunately, paying the money will not change anything.)

So, How Did Antivirus IS Get Inside Your Computer?

Who would willingly download such malicious software onto their computer? Occasionally, malicious websites will set themselves up to look realistic, and to offer free “security scans”, which actually infect the scanned computer with Antivirus IS. More often, a computer is infected with a Trojan that takes advantage of a weakness in some program, or which is hidden in a seemingly harmless download. The Trojan then downloads Antivirus IS, and the next time you start Windows, there it is. Most people are surprised to find this mysterious software on their computer, especially if they haven't heard of Antivirus IS.

Remember that Antivirus IS is a scam. It has nothing to offer, and it can't scan for viruses or remove threats. Although Antivirus IS tries to trick you into thinking it has irrevocably taken your computer hostage, you do have options aside from paying the ransom. Antivirus IS can be removed, and you should never pay money for a virus.

To check your computer for Antivirus IS, download SpyHunter Spyware Detection Tool.

SpyHunter spyware detection tool is only a scanner meant to assist you in detecting Antivirus IS and other threats. If you detect the presence of Antivirus IS on your PC, you have the opportunity to purchase the SpyHunter removal tool to remove any traces of Antivirus IS.


Detection of Antivirus IS (Recommended)

Antivirus IS is difficult to detect and remove. Antivirus IS is not likely to be removed through a convenient "uninstall" feature. Antivirus IS, as well as other spyware, can re-install itself even after it appears to have been removed.

You also run the risk of damaging your computer since you're required to find and delete sensitive files in your system such as DLL files and registry keys. It is recommended you use a good spyware remover to remove Antivirus IS and other spyware, adware, trojans and viruses on your computer.

Run a Antivirus IS scan/check to successfully detect all Antivirus IS files with the SpyHunter Spyware Detection Tool. If you wish to remove Antivirus IS, you can either purchase the SpyHunter spyware removal tool to remove Antivirus IS or follow the Antivirus IS manual removal method provided in the "Remedies and Prevention" section.

Method of Infection

There are many ways your computer could get infected with Antivirus IS. Antivirus IS can come bundled with shareware or other downloadable software.

Another method of distributing Antivirus IS involves tricking you by displaying deceptive pop-up ads that may appear as regular Windows notifications with links which look like buttons reading Yes and No. No matter which "button" that you click on, a download starts, installing Antivirus IS on your system. Antivirus IS installs on your computer through a trojan and may infect your system without your knowledge or consent.

If you think you may already be infected with Antivirus IS, use this SpyHunter Spyware dectection tool to detect Antivirus IS and other common Spyware infections. After detection of Antivirus IS, the next advised step is to remove Antivirus IS with the purchase of the SpyHunter Spyware removal tool.


Antivirus IS may attempt to change your computer's desktop, hijack your browser, monitor your Internet browsing activities, change system files, and can do this without your knowledge or permission. Therefore, it is strongly recommended to remove all traces of Antivirus IS from your computer.

Remedies and Prevention

Antivirus IS, as well as other Spyware, are constantly evolving and becoming more advanced to avoid detection. Antivirus IS along with its variants can install in different locations and even when you try to uninstall it you find they reappear when you reboot your computer.

Install a good anti-spyware software

When there's a large number of traces of Spyware, for example Antivirus IS, that have infected a computer, the only remedy may be to automatically run a Spyware scan from a good anti-spyware software designed to detect Antivirus IS and other types of spyware.

Remove Antivirus IS manually

Another method to remove Antivirus IS is to manually delete Antivirus IS files in your system. Detect and remove the following Antivirus IS files:


  • lanw.exe

Registry Keys

  • HKEY_CURRENT_USER\Software\mzkhgqspw
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http="
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[SET OF RANDOM CHARACTERS]lanw.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[SET OF RANDOM CHARACTERS]lanw.exe"

External links

If you believe your computer is infected with spyware,
Wiki-Security highly recommends SpyHunter's spyware detection tool to detect the latest spyware threats.

Disclaimer Information
This website, its content or any portion of this website is NOT affiliated with, connected to, or sponsored by Antivirus IS or its creators in any way. This website does not advocate the actions or behavior of Antivirus IS and its creators. Our objective is to provide Internet users with the know-how to detect and remove Antivirus IS and other Internet threats.

The readers of this article should not mistake, confuse or associate this article to be an advertisement or a promotion of Antivirus IS in any way. The content provided on this website is intended for educational or informational purposes and is provided "AS IS" with no warranties, and confers no rights.