Antivirglass.com
Antivirglass.com is a malicious website and a browser hijacker. Antivirglass.com is involved in the advertising and distribution of the rogueware called AV Security Suite. AV Security Suite uses scare tactics to coerce users into purchasing its non-existent full version which can be purchased from Antivirglass.com. Users that are infected with the trial version of AV Security Suite are frequently redirected to Antivirglass.com when browsing the internet or when they click on any of the fake security alerts displayed by the rogueware.
File System Details
Antivirglass.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %UserProfile%\Local Settings\Application Data\\[random string]tssd.exe | |
| 2. | %UserProfile%\Local Settings\Application Data\[random string]\ |
Registry Details
Antivirglass.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
