Antivirglass.com

Antivirglass.com Description

Antivirglass.com is a malicious website and a browser hijacker. Antivirglass.com is involved in the advertising and distribution of the rogueware called AV Security Suite. AV Security Suite uses scare tactics to coerce users into purchasing its non-existent full version which can be purchased from Antivirglass.com. Users that are infected with the trial version of AV Security Suite are frequently redirected to Antivirglass.com when browsing the internet or when they click on any of the fake security alerts displayed by the rogueware.

Technical Information

File System Details

Antivirglass.com creates the following file(s):
# File Name Detection Count
1 %UserProfile%\Local Settings\Application Data\\[random string]tssd.exe N/A
2 %UserProfile%\Local Settings\Application Data\[random string]\ N/A

Registry Details

Antivirglass.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"