Threat Database Rogue Websites

By Domesticus in Rogue Websites is a browser hijacker promoting the rogue anti-spyware application known as Antivirus System PRO. is not part of the Microsoft Corporation. Hackers use legitimate company names to mislead computer users hoping that users will fall for a scam. The rogue website is not related or affiliated with Microsoft.

Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate or persuade the user into purchasing the fake spyware remover Antivirus System PRO.

File System Details may create the following file(s):
# File Name Detections
1. %WINDOWS%\system32\iehelper.dll
2. %WINDOWS%\sysguard.exe

Registry Details may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "system tool"


Most Viewed