Antimalwaresecurity.net

Antimalwaresecurity.net Description

Antimalwaresecurity.net is a malicious website that promotes and distributes AV Security Suite. Users that are infected with the trial version of AV Security Suite will encounter Antimalwaresecurity.net when they click on any of the fake security alerts or pop-up alerts displayed by the rogueware. The trial version of AV Security Suite will also hijack the Hosts file on an infected PC, causing the browser to be frequently redirected to Antimalwaresecurity.net. Use a legitimate and reliable security tool to remove Antimalwaresecurity.net and all the malware associated with it.

Technical Information

File System Details

Antimalwaresecurity.net creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe N/A
2 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string].exe N/A

Registry Details

Antimalwaresecurity.net creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" ="1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_LOCAL_MACHINE\Software\AvSuite
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\AvSuite
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"