Posted: February 21, 2011 Description

As just another malicious domain for promoting harmful rogue security products, will abuse the trust of visitors by downloading malware onto their computers. The site should never be visited deliberately since even cursory contact can result in infections. Web browser hijackings that result in redirections towards are a primary symptom of infection by the site's product, AntiVira Av. The AntiVira Av rogue security product should be considered as dangerous as the site itself, and all traces of either should be eradicated mercilessly to assure the safety of your computer.

The Spread of the Disease

Just like real diseases, the AntiVira Av infection that relies on will infect most computers without their users being at all aware of the event. However, signs of the sickness riddling your system will become apparent almost instantly, since AntiVira Av will practically yell in your ear that it's here to help you whether you like it or not!

AntiVira Av's fake scans and highly erroneous warning messages all serve to unbalance the mind of the user and make him or her susceptible to the rogue security product's wheedling. Everything AntiVira Av tells you is a total fabrication, and your computer will continue to malfunction as long as the rogue security product hangs around.

Aside from general dishonesty in reporting on the state of your computer's welfare, AntiVira Av also serves as a primary link to The rogue security product will perform browser hijacking duties on the side, and any web browsing on your part will be met with constant redirections towards or a similar AntiVira Av-affiliated website.

Don't just assume that direct and obvious redirections are the only hijacking experiences your browser is attacked by; AntiVira Av is also capable of more subtle assaults. This malware and others similar to it can shove you onto right away by changing your homepage, by inserting links into normal website content, or even by displaying fake unsafe website warnings that block out safe sites.

What Can Happen to Your System with Just One Visit to

If one sets aside all the problems caused directly by's rogue security product, there are still quite a number of ways can hurt your system. All these symptoms are combated best by just not visiting this malicious site at all, but if you do find yourself at, having extremely conservative security and browser settings may help.

  • Taking up on its offer to sell AntiVira Av's registered version to you will result in your money being taken away for a harmful product. Even a registered AntiVira Av is still a very real threat to your computer until you swallow the bitter pill and figure out how to delete it. Any charges to your credit card may be repeated indefinitely, and the crooks in charge of are unlikely to grant refunds.
  • Information offered to may be used for criminal purposes. Keeping your cards close to your chest and not offering up personal details regarding your identity or finances will reduce your risk of being a victim of identity theft or other violating crimes.
  • Even if you don't offer any information or money to, you're still at risk! Just going to the website gives this malicious domain the opportunity to use browser exploits to download Trojans and other malware onto your machine. This will almost always happen with absolutely no warning, so that you will not even know about it until it's too late.

As a fraudulent and highly harmful domain, is unlikely to have a long life span, but it's not quite dead just yet. Until that time comes and it's shut down for good, you should sweep any trash away from your machine with a care towards minimizing all damage, particularly with regards to the AntiVira Av infiltrator.

File System Modifications

  • The following files were created in the system:
    # File Name
    2 %Temp%\[random]\[RANDOM CHARACTERS].exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0?HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyEnable” = "1?HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"HKEY_CURRENT_USER\Software\[RANDOM CHARACTERS]

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.