Aug 25

Malware Analysis:

Unfortunately, the long list of browser hijackers associated with the Security Suite rogueware keeps growing. This time it is Antivirdom.com, a new misleading domain you will be redirected to if the corresponding pseudo-antivirus takes over your system. The hijacker is used to promote Security Suite. This scareware is stealthy enough to compromise computers without being detected. After the silent intrusion, it makes several changes to your system that leave you unable to surf the Internet, not to mention the obnoxious popup alerts and bogus security scanners that keep appearing and prevent you from working with your PC as you used to.

When Security Suite redirects you to Antivirdom.com, you will see a series of prompts, all of which try to lure you into installing and purchasing the full commercial version of the program. We hope you are sane enough to abstain from paying for fake anti-spyware. If so, please spare a few minutes to study our cleaning tutorial and follow it to remove the Antivirdom.com hijacker. One last thing: you might need to enter Safe Mode with Networking before removal (just hit the F8 key repeatedly during startup). This way, you will be able to bypass Security Suite's interference with the deletion.

Determine if your PC is infected with Antivirdom.com hijacker and affiliated malware (Security Suite scareware):

[Screenshot: Antivirdom.com]

[Screenshot: Security Suite counterfeit warning page, Antivirdom.com/block.php]

How to remove Antivirdom.com hijacker manually:

To perform manual removal of Antivirdom.com hijacker and related rogue trialware, you should do the following:

Delete the following corrupt files:

  • %UserProfile%\Local Settings\Application Data\[random]
  • %UserProfile%\Local Settings\Application Data\\[random]shdw.exe

Remove Antivirdom.com related registry entries:

  • HKEY_CURRENT_USER\Software\wnxmal
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:6522"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache "%UserProfile%\Desktop\flash_player_installer\flash_player_installer.exe"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
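A read-only check for the fixed-name entries in the list above, run against the text of a `reg export` file. This is an added example, not part of the original article or of any removal tool; the function names and the sample export are constructed for illustration. It assumes numeric values appear in the export as `dword:` hex, while the list above shows them as plain numbers.

```python
import re

# Fixed-name HKCU values from the list above. The [random] Run entries, the
# MUICache entry and ProxyOverride = "" are omitted (no fixed name or data).
IE = r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer"
CV = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion"
INDICATORS = {
    (IE + r"\Download", "RunInvalidSignatures"): "1",
    (IE + r"\Download", "CheckExeSignatures"): "no",
    (IE + r"\PhishingFilter", "Enabled"): "0",
    (CV + r"\Internet Settings", "ProxyServer"): "http=127.0.0.1:6522",
    (CV + r"\Internet Settings", "ProxyEnable"): "1",
    (CV + r"\Policies\Associations", "LowRiskFileTypes"): ".exe",
    (CV + r"\Policies\Attachments", "SaveZoneInformation"): "1",
}
MARKER_KEY = r"HKEY_CURRENT_USER\Software\wnxmal"  # presence alone is a hit
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<data>.*)$')

def normalize(data):
    """Convert .reg data (dword:hex or "string") to the plain form listed above."""
    if data.lower().startswith("dword:"):
        return str(int(data[6:], 16))
    return data.strip('"').replace("\\\\", "\\")

def find_indicators(reg_text):
    """Return a sorted list of listed keys/values found in `reg export` text."""
    wanted = {(k.lower(), n.lower()): v.lower() for (k, n), v in INDICATORS.items()}
    hits, key = set(), None
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]  # registry key names compare case-insensitively
            if key.lower() == MARKER_KEY.lower():
                hits.add(key)
        m = VALUE_RE.match(line)
        if m and key is not None:
            data = normalize(m.group("data"))
            if wanted.get((key.lower(), m.group("name").lower())) == data.lower():
                hits.add('%s "%s" = "%s"' % (key, m.group("name"), data))
    return sorted(hits)

# Constructed sample export, not captured from a real machine.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\wnxmal]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="http=127.0.0.1:6522"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter]
"Enabled"=dword:00000002
'''
```

To use it on a real profile, export the hive with `reg export HKCU\Software hkcu.reg`, read the file with `encoding="utf-16"`, and pass the text to `find_indicators`.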

Please note that manual removal of the Antivirdom.com hijacker is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may lead to irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic removal tool below:

Download Antivirdom.com Hijacker Removal Tool
