The above URL is a landing page that redirects the user to one of at least two different Rogue AV domains:
Rogue AV Pop-up Scanner
If the user clicks “OK” on the dialog box asking whether they want to download the “Personal Antivirus” and remove the (fake) threats on their system, one of the following URLs:
provide the Rogue AV binary. Detections for this malware instance are poor; only 1/40 tools identify it as malicious.
Users of the PWSS are protected from this threat.