Threat Database Rogue Websites Info-protector.com

Info-protector.com

Info-protector.com or Info-protector.microsoft.com is a misleading website involved in the promotion of Antivirus Soft - a rogue security program. Info-protector.com can be encountered by users that have been infected with the trial version of Antivirus Soft or users that have been infected with browser hijacking Trojans related to the website. Info-protector.com uses scare tactics that include running fake system scans and displaying bogus security alerts, in order to trick victims into thinking that their PCs are infested with malware. Following the fake security notifications is a recommendation to purchase the full version of Antivirus Soft in order to clear the PC of all the threats. This is all a scam and the detected malware threats do not exist; the only real threat is Antivirus Soft and Info-protector.com.

File System Details

Info-protector.com may create the following file(s):
# File Name Detections
1. %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe
2. %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sftav.exe

Registry Details

Info-protector.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"

Trending

Most Viewed

Loading...