Ms-antivirus.net

Ms-antivirus.net Description

Ms-antivirus.net also known as ms-antivirus.microsoft.net is a deceptive domain that promotes rogue software. Ms-antivirus.net is involved in the malvertising of the fake anti-virus application called Antivirus Live. Ms-antivirus.net is a site that victims are typically redirected to unintentionally. The redirection is achieved with the help of harmful Trojans that are able to modify the Hosts file and browser settings of a compromised system. Once a victim hits ms-antivirus.net he/she will be informed that a scan conducted by Antivirus Live detected numerous malware infections on his/her computer. The user will also be advised to purchase the "full version" of Antivirus Live in order to remove all the detected malware. Users should be aware that any malware detected by Antivirus Live is fake and Antivirus Live does not have the functionalities of a legitimate security application.

Technical Information

File System Details

Ms-antivirus.net creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Application Data\[RandomSymbols]\[Random4Symbols]sysguard.exe N/A

Registry Details

Ms-antivirus.net creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows Script
HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments