Threat Database Rogue Websites Antimalwaresecurity.net

Antimalwaresecurity.net

By Domesticus in Rogue Websites

Antimalwaresecurity.net is a malicious website that promotes and distributes AV Security Suite. Users that are infected with the trial version of AV Security Suite will encounter Antimalwaresecurity.net when they click on any of the fake security alerts or pop-up alerts displayed by the rogueware. The trial version of AV Security Suite will also hijack the Hosts file on an infected PC, causing the browser to be frequently redirected to Antimalwaresecurity.net. Use a legitimate and reliable security tool to remove Antimalwaresecurity.net and all the malware associated with it.

File System Details

Antimalwaresecurity.net may create the following file(s):
# File Name Detections
1. %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe
2. %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string].exe

Registry Details

Antimalwaresecurity.net may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" ="1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_LOCAL_MACHINE\Software\AvSuite
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\AvSuite
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"

Trending

Most Viewed

Loading...