Versionantispy.com
Versionantispy.com is a malicious domain that promotes the fake program called Antivirus IS. Versionantispy.com will also run a fake scan which will claim to detect malware on the system. Antivirus IS will be presented as the only solution to remove the malware and the user will be prompted to purchase it. Remove Versionantispy.com and associated rogueware with an updated malware remover.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\Local Settings\Application Data\{random}\ 2 %UserProfile%\Local Settings\Application Data\{random}\{random}.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "{local}"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5643"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "{random}"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "{random}"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.