Welcome to remove-malware.net

How to remove Antispy.microsoft.com hijacker

Malware Description:
Antispy.microsoft.com is an evidence of the fact that the SEO criminals who maintain the distribution campaign of Antivirus System PRO scareware are proceeding with their HOSTS file modification trickery. Here’s what happens to the PCs infected with Antivirus System PRO rogue anti-spyware. The malware changes the compromised computer’s HOSTS file to make the user keep hitting 209.44.111.62 IP. The trick consists in the fact that, when going to the above IP-address, the domain name displayed in the location bar of one’s browser is Antispy.microsoft.com which sounds more than legitimate. The preceding counterpart of Antispy.microsoft.com is the Itsecure.microsoft.com URL described on our blog earlier this month (please, follow the link to read more about Itsecure.microsoft.com). It may sound strange that such a trustworthy domain name as Antispy.microsoft.com could possibly serve the propagation purposes of Antivirus System PRO fake anti-spyware. The answer is – it doesn’t; Microsoft has absolutely nothing to do with Antispy.microsoft.com. It’s just the malware’s manipulation with your HOSTS file which results in matching a legit-looking domain name with the IP address involved in promoting badware. In any case, if you ever happen to hit, Antispy.microsoft.com, you should urgently remove the Trojans that constitute Antivirus System PRO trialware which is likely to be inside your system. Please, find out some additional details on Antispy.microsoft.com below.

Malware Type: Browser Hijackers

Malware Author: Magic software Inc

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Antispy.microsoft.com Hijacker Free Scanner and Remover: Download Now

Antispy.microsoft.com Screenshot:

Antispy.microsoft.com Bogus Warning Page Screenshot:

How to remove Antispy.microsoft.com hijacker and affiliated threats manually:
Manual removal of Antispy.microsoft.com hijacker is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.

The files to be deleted are listed below:

• %WINDOWS%\sysguard.exe
• %WINDOWS%\system32\iehelper.dll

The registry entries that need to be removed are as follows:

• HKEY_CURRENT_USER\Software\AvScan
• HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “system tool”

Please, be aware that manual removal of Antispy.microsoft.com hijacker is a cumbersome process and does not always ensure complete deletion of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of Antispy.microsoft.com hijacker, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.