Antivirspace.com

Antivirspace.com Description

Antivirspace.com is a malicious domain that promotes Security Suite - a rogue security application. Security Suite can surreptitiously infiltrate a computer system and display fake security alerts. Once a user clicks on the fake alerts or attempts to browse the internet, he/she will be redirected to Antivirspace.com and coerced into paying for the "licensed" version of Security Suite which does not even exist. Use a reliable anti-spyware application to remove Security Suite and stop the redirection to Antivirspace.com.

Technical Information

File System Details

Antivirspace.com creates the following file(s):
# File Name Detection Count
1 %UserProfile%\Local Settings\Application Data\\[random]shdw.exe N/A
2 %UserProfile%\Local Settings\Application Data\[random] N/A

Registry Details

Antivirspace.com creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter ?Enabled? = ?0″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations ?LowRiskFileTypes? = ?.exe?
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache ?%UserProfile%\Desktop\flash_player_installer\flash_player_installer.exe?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ?ProxyEnable? =?1″
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download ?RunInvalidSignatures? = ?1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ?ProxyServer? = ?http=127.0.0.1:6522″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ?[random]?
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download ?CheckExeSignatures? = ?no?
HKEY_CURRENT_USER\Software\wnxmal
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ?ProxyOverride? = ??
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments ?SaveZoneInformation? = ?1″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?[random]?