Beware of Antispymv.com a Malicious Website

by on 07/23/2010 in Fake Antivirus, Scams & Hoaxes, Security

Antispymv.com is a browser hijacker that distributes Antivir Solution Pro program and other fake antivirus solutions. This rogue software spreads from a Trojan and is installed automatically without user’s knowledge and consent.

Type: Misleading Application / Browser Hijacker
Publisher: Antispymv.com
Risk Impact: Medium
Systems Affected: Windows 2000, Windows Server 2003, Windows Vista, Windows XP
Behavior: Antivir Solution Pro is a misleading application that may give exaggerated reports of threats on the computer.

Antivir Solution Pro Removal

How to remove Antivir Solution Pro:

Download a free copy of Malwarebytes’ Anti-Malware to remove this software.

How to manually remove Antivir Solution Pro registry values:

Note: The manual removal of files and registries should be performed by experienced users.

  • HKEY_CURRENT_USER\Software\AvSuite
  • HKEY_LOCAL_MACHINE\Software\AvSuite
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” =”1″
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:5555″
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = “.exe”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = “1″
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “{random string}”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “{random string}”

Other malicious files:

  • %Documents and Settings%\[UserName]\Local Settings\Application Data\{random string}\{random string}.exe

See more rogue software removal instructions here.

If you have the WOT add-on installed for Firefox or IE, you will now get a warning for this malicious website.

Related Articles
How to Remove Antivirus GT
How to Remove MedicCop Rogue AntiSpyware
Beware of this Fake Antivirus Program AV Security Suite

11 Responses to “Beware of Antispymv.com a Malicious Website”

  1. Jonathan - Advanced Life Skills

    Jul 23rd, 2010

    Just shows that we need to stick with well known brands (or at least Tech Jaws approved) when it comes to anti-virus, anti-spyware and anti-malware programs.

    • Frank Jovine

      Jul 23rd, 2010

      Jonathan,

      You are too kind and it’s all about the brands. If you never heard of it, move on.

  2. Michel

    Jul 25th, 2010

    Well,
    Thanks a lot, a few minutes and everything seems to be fine so far

    • Frank Jovine

      Jul 25th, 2010

      Michel,

      I am glad the removal instructions helped!

  3. Andrew @ Blogging Guide

    Jul 25th, 2010

    I agree with Jonathan. use only tech-jaws approved brands. You’ll be safer that way.

  4. Josh

    Jul 26th, 2010

    Nice post Frank, its good to see that you are warning people about such horrible scams.

    I have fallen victim to a spyware infection before, all of the drives on my PC showed warnings. An anti-spyware was suggested by this program that had infected my PC, which lead to me pulling out my credit card where an deduction is made each month!

    Luckily I cancelled my credit card account and was refunded for the second hit.

  5. Toby

    Jul 27th, 2010

    Hi Frank,

    Fell victim to this pile and thank you for the help. The only files that can’t be found are:

    * HKEY_CURRENT_USER\Software\AvSuite
    * HKEY_LOCAL_MACHINE\Software\AvSuite

    * HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “{random string}”
    * HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “{random string}”

    Have you seen this attack change or is it my lack of IT skills?

    Thanks,

    -Toby

    • Frank Jovine

      Jul 28th, 2010

      Toby,

      Did you perform a search in the registry for AVSuite? If so and you didn’t find the file, you should be good.

  6. Andy

    Jul 28th, 2010

    Hi, I just got rid of one problem to get this one. I am no expert ad running Windows Vista on a laptop. Can’t access internet to download file and no idea how to search registries etc so please help. Andy UK

    • Frank Jovine

      Jul 28th, 2010

      Andy,

      I updated the article with F-Secure which has an update to remove and defend against Security Tool Virus.