Info-defender.com

Info-defender.com Description

Info-defender.com also known as Info-defender.microsoft.com is a misleading website that promotes the rogueware called Antivirus Soft. Info-defender.microsoft.com is a fake warning page that informs a user that he/she is about to visit an unsafe website. The fake warning page will also provide and recommend a link to purchase software that will secure the user's internet surfing. The link will redirect the user to Info-defender.com which is one of the payment pages for Antivirus Soft. Do not fall victim to this scam. Should you encounter Info-defender.com, use a recognized security application to completely remove it and the malware associated with it.

Technical Information

File System Details

Info-defender.com creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe N/A
2 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sftav.exe N/A

Registry Details

Info-defender.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"