Threat Database Rogue Websites is a deceptive domain that is involved in the advertisement and distribution of the rogue security application, Antivir. The URL usually comes with the '/block.php' extension at the end. Trojans related to Antivir, infect user's systems and redirect their browsers to continuously land on is basically a fake warning page that informs victims of the detection of web security issues. Users that click on anything on the page will be diverted to a page that severely advertises the purchase and installation of Antivir. is an untrustworthy website; do not purchase any rogueware promoted by the website.

File System Details may create the following file(s):
# File Name Detections
1. %Program Files%\AV\antivir.exe
2. %WINDOWS%\system32\UpdateCheck.dll
3. %UserProfile%\Desktop\Antivir.lnk
4. %Documents and Settings%\All Users\Start Menu\AV\Uninstall.lnk
5. %Program Files%\Common Files\Uninstall\AV\Uninstall.lnk
6. %Documents and Settings%\All Users\Start Menu\AV\Antivir.lnk
7. %Program Files%\Common Files\Uninstall
8. %Program Files%\Common Files\Uninstall\AV
9. %Documents and Settings%\All Users\Start Menu\AV
10. %Program Files%\AV

Registry Details may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AV”


Most Viewed