Avtivirus-fortress.com

By LoneStar in Rogue Websites

Translate To:

Avtivirus-fortress.com (or Avtivirusfortress.com) is a corrupt website which promotes the Antivirus Suite rogue antivirus program. Hackers use Avtivirusfortress.com to convince Internet users to buy rogue software. Avtivirus-fortress.com acts like a fake system scan which produces bogus results claiming the computer is infected. Avtivirusfortress.com soon bombards the user with popup warnings urging the purchase of Antivirus Suite. Use a proven antivirus program to remove the threats associated to Avtivirusfortress.com.

File System Details

Avtivirus-fortress.com may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe
Name: %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe Type: Executable File
2.	%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]ftav.exe
Name: %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]ftav.exe Type: Executable File
3.	%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe
Name: %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe Type: Executable File

Registry Details

Avtivirus-fortress.com may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[random string].exe"

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"

HKEY_LOCAL_MACHINE\SOFTWARE\avsuite

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"[random string].exe"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Avtivirus-fortress.com

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen