Antispyway.com

Antispyway.com Description

Antispyway.com is a malicious website used to promote and distribute rogue security software. Antispyway.com can be inserted into the Hosts file of a compromised PC, resulting in frequent redirection to the website. Once associated rogueware infiltrates a machine, it will display fake security alerts which may also direct a victim to Antispyway.com once clicked on. Avoid visiting Antispyway.com and if you do encounter this criminal domain, use a reliable security tool to remove it and the rogueware associated with it.

Technical Information

File System Details

Antispyway.com creates the following file(s):
# File Name Detection Count
1 %Temp%\[random]\[random]agnz.exe N/A
2 %Temp%\[random]\ N/A

Registry Details

Antispyway.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]agnz.exe"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
HKEY_CURRENT_USER\Software\[random]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:33921"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]agnz.exe"