Antivirprime.com
Antivirprime.com is a malicious website that promotes AV Security Suite. Users that are reluctantly redirected to Antivirprime.com are usually infected with the trial version of AV Security Suite. To stop the redirection to Antivirprime.com, use a legitimate and reliable security application to detect and remove Antivirprime.com and the malware associated with it.
File System Details
Antivirprime.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe | |
| 2. | %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string].exe |
Registry Details
Antivirprime.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" ="1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_LOCAL_MACHINE\Software\AvSuite
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\AvSuite
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
