Antivirdrome.com Description
Antivirdrome.com is a malicious browser hijacker that uses scare tactics to coerce users into purchasing Antivirus IS. Once Antivirdrome.com has infiltrated a victim's Hosts file, he/she will be frequently redirected to Antivirdrome.com with every attempt to browse the internet. Stop the redirection to Antivirdrome.com by using a reliable security tool to remove Antivirus IS.
Technical Information
File System Details
Antivirdrome.com creates the following file(s):
| # | File Name | Detection Count |
|---|---|---|
| 1 | %UserProfile%\Local Settings\Application Data\{random}\{random}.exe | N/A |
| 2 | %UserProfile%\Local Settings\Application Data\{random}\ | N/A |
Registry Details
Antivirdrome.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5643'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "{random}"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "{local}"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "{random}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1'