Antivirok.com

Antivirok.com Description

Antivirok.com is a malicious website that ESG PC security researchers have linked to a variety of known malware threats and rogue security programs. Rogue security programs associated with Antivirok.com are fake security applications designed to take over your computer, cause deliberate damage to your operating system and then force you to pay to remove the very problems they caused. ESG PC security researchers strongly recommend against downloading anything from the Antivirok.com website. In fact, even visiting this malicious website may cause your computer to become infected with malware. Components of the Antivirok.com website are capable of installing malware directly on your computer by taking advantage of security vulnerabilities in your Internet browser and operating system.
 

How Antivirok.com Attempts to Infect Your Computer System with Malware

Malware from the Antivirok.com website will typically infect a computer system in one of two possible ways. Some users may stumble upon Antivirok.com by accident. Believing Antivirok.com to be a legitimate website, they may download one of the many rogue anti-spyware applications advertised on Antivirok.com. This usually results in pop-up windows and a fake malware scan that Antivirok.com claims to run on your computer system. While experienced computer users will quickly identify Antivirok.com's fake scan for what it is, many visitors to this malicious website fall for this scam, downloading malware in the process. However, it is not necessary to download a rogue security program in order to become infected. According to ESG PC security researchers, the Antivirok.com website contains dangerous scripts and corrupted advertisements, which take advantage of security vulnerabilities in JavaScript or Adobe Flash in order to infect their victims with a Trojan or other malware. Once a victim has become infected with malware from Antivirok.com, the risk of identity theft, data theft, credit card fraud or additional malware infections increases significantly. This is why deleting malware from Antivirok.com should be a top priority.
 

The Antivirok.com Website is Associated with Browser Hijackers

Most malware related to the Antivirok.com website is associated with browser-hijacking components. Some symptoms of browser hijackers related to Antivirok.com include the following:

  • Browser hijackers associated with Antivirok.com will often change your homepage to Antivirok.com, as well as changing your Internet browser settings.
  • When entering a search into a popular search engine, results may link to Antivirok.com or similar websites, rather than to the actual search result.
  • Your Internet browser may force you to visit Antivirok.com repeatedly after entering other addresses or clicking on any link.

Technical Information

File System Details

Antivirok.com creates the following file(s):
| # | File Name | Detection Count |
|---|-----------|-----------------|
| 1 | %Temp%\{RANDOM CHARACTERS}\{RANDOM CHARACTERS}.exe | N/A |
| 2 | %Temp%\{RANDOM CHARACTERS} | N/A |

Registry Details

Antivirok.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = 'http=127.0.0.1:18810'
HKEY_CURRENT_USER\Software\{RANDOM CHARACTERS}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = '1'
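
A read-only PowerShell check of the current user's hive for the fully specified registry values listed above, plus a review list of executables matching the %Temp% pattern. This is an added example, not part of the original write-up; the function name Test-RegistryIndicator and the variable names are hypothetical.

```powershell
# Added example: compares HKCU values with the indicators listed on this page.
# It only reads the registry and the file system; it changes nothing.
$settings = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$indicators = @(
    @{ Path = 'HKCU:\Software\Microsoft\Internet Explorer\PhishingFilter'
       Name = 'Enabled';     Expected = '0' },
    @{ Path = $settings; Name = 'ProxyEnable'; Expected = '1' },
    @{ Path = $settings; Name = 'ProxyServer'; Expected = 'http=127.0.0.1:18810' }
)

function Test-RegistryIndicator {
    param([string]$Path, [string]$Name, [string]$Expected)
    # A missing key or value is not an error here; it simply means "no match".
    $item   = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    $actual = if ($null -ne $item) { [string]$item.$Name } else { $null }
    [pscustomobject]@{
        Key      = $Path
        Value    = $Name
        Actual   = $actual
        Expected = $Expected
        Match    = ($null -ne $actual -and $actual -eq $Expected)
    }
}

$results = foreach ($i in $indicators) {
    Test-RegistryIndicator -Path $i.Path -Name $i.Name -Expected $i.Expected
}
$results | Format-Table -AutoSize -Wrap

# The proxy is only in effect when it is both enabled and pointed at the
# loopback listener from the table, so require both values to match.
$proxyHits = @($results | Where-Object { $_.Value -like 'Proxy*' -and $_.Match })
if ($proxyHits.Count -eq 2) {
    Write-Warning 'Browser traffic is redirected to the local proxy 127.0.0.1:18810.'
}
if (@($results | Where-Object { $_.Value -eq 'Enabled' -and $_.Match }).Count -eq 1) {
    Write-Warning 'The Internet Explorer phishing filter is disabled for this user.'
}

# Executables exactly one folder below %Temp% match the file pattern above.
# Legitimate installers also unpack there, so this is a list to review by hand.
Get-ChildItem -Path (Join-Path $env:TEMP '*\*.exe') -File -ErrorAction SilentlyContinue |
    Select-Object FullName, Length, CreationTime |
    Format-Table -AutoSize -Wrap
```

A loopback ProxyServer together with ProxyEnable set is the meaningful combination; ProxyEnable = 1 by itself is common on networks that use a legitimate proxy.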