Antivirus-power.com

By LoneStar in Browser Hijackers

Translate To:

Antivirus-power.com is a criminal website that promotes the purchase of the rogueware called Antivirus Soft. Antivirus-power.com is usually encountered by users that have already been infected with Antivirus Soft, or by the browser hijacking Trojans associated with the rogueware. Once a victim visits Antivirus-power.com a fake online system scan, security alerts and pop-ups will be launched in order to convince the victim that his/her PC in infected with numerous computer threats. Following the security notifications, the victim will be prompted to purchase the "full" version of Antivirus Soft in order to get rid of all the "detected" computer threats. Antivirus-power.com and Antivirus Soft are both included in a scam to trick users into wasting their money on useless software.

File System Details

Antivirus-power.com may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%UserProfile%\Local Settings\Application Data\[random symbols]\[random symbols]sysguard.exe
Name: %UserProfile%\Local Settings\Application Data\[random symbols]\[random symbols]sysguard.exe Type: Executable File
2.	%UserProfile%\Local Settings\Application Data\[random symbols]\
Name: %UserProfile%\Local Settings\Application Data\[random symbols]\

Registry Details

Antivirus-power.com may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random symbols]"

HKEY_CURRENT_USER\Software\AvScan

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random symbols]"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Antivirus-power.com

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen