Threat Database Rogue Websites Itsecure.microsoft.com

Itsecure.microsoft.com

By Domesticus in Rogue Websites

Itsecure.microsoft.com is a browser hijacker promoting the rogue anti-spyware application known as Antivirus System PRO.

Itsecure.microsoft.com is not part of the Microsoft Corporation. Hackers use legitimate company names to mislead computer users hoping that users will fall for a scam. The rogue website Itsecure.microsoft.com is not related or affiliated with Microsoft.

Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Itsecure.microsoft.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate or persuade the user into purchasing the fake spyware remover Antivirus System PRO.

File System Details

Itsecure.microsoft.com creates the following file(s):
# File Name Detections
1. %WINDOWS%\system32\iehelper.dll N/A
2. %WINDOWS%\sysguard.exe N/A

Registry Details

Itsecure.microsoft.com creates the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "system tool"

Trending

Most Viewed

Loading...