Antivirdrome.com

Antivirdrome.com Description

Antivirdrome.com is a malicious browser hijacker that uses scare tactics to coerce users into purchasing Antivirus IS. Once Antivirdrome.com has infiltrated a victim's Hosts file, he/she will be frequently redirected to Antivirdrome.com with every attempt to browse the internet. Stop the redirection to Antivirdrome.com by using a reliable security tool to remove Antivirus IS.

Technical Information

File System Details

Antivirdrome.com creates the following file(s):
# File Name Detection Count
1 %UserProfile%\Local Settings\Application Data\{random}\{random}.exe N/A
2 %UserProfile%\Local Settings\Application Data\{random}\ N/A

Registry Details

Antivirdrome.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5643'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "{random}"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "{local}"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "{random}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1'