Royalantivirus.microsoft.com

By ZulaZuza in Rogue Websites

Translate To:

Royalantivirus.microsoft.com also known as Royalantivirus.com, is a malicious domain used to maladvertise rogue programs. Royalantivirus.microsoft.com uses deceptive advertisements to trick users into purchasing and installing Antivirus System PRO. Royalantivirus.microsoft.com is a warning page that informs its victims that they have been browsing unsafe websites. The warning page also advises the user to purchase Antivirus System PRO in order to continue browsing safely.

Trojans that are used to get Royalantivirus.microsoft.com onto the system, modify the Hosts file ensuring that the user will be frequently redirected to Royalantivirus.microsoft.com. Users should avoid browsing Royalantivirus.microsoft.com and use a legitimate security tool to remove the Trojan and files related to Royalantivirus.microsoft.com.

File System Details

Royalantivirus.microsoft.com may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%ProgramFiles%\Antivirus System PRO\Antivirussystempro.exe
Name: %ProgramFiles%\Antivirus System PRO\Antivirussystempro.exe Type: Executable File
2.	c:\WINDOWS\sysguard.exe
Name: c:\WINDOWS\sysguard.exe Type: Executable File
3.	%ProgramFiles%\Antivirus System PRO\uninstall.exe
Name: %ProgramFiles%\Antivirus System PRO\uninstall.exe Type: Executable File

Registry Details

Royalantivirus.microsoft.com may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus System PRO

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad “ieModule”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Antivirus System PRO”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “system tool”

HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus System PRO

HKEY_CURRENT_USER\Software\AvScan

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Royalantivirus.microsoft.com

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen