Oemantivir.microsoft.com Oemantivir.microsoft.com
By GoldSparrow in Rogue Websites |
3 views
Rate it: 
(No Ratings Yet)
Loading ...
(No Ratings Yet) Loading ...Translate To: 
Português
Português
Oemantivir.microsoft.com Description
Oemantivir.microsoft.com is a browser hijacker promoting the distribution of the rogue anti-spyware application known as Antivirus System PRO. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Oemantivir.microsoft.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing and downloading the fake spyware remover Antivirus System PRO.
Type: Rogue Websites
How Can You Detect Oemantivir.microsoft.com?
Oemantivir.microsoft.com has typically the following processes in memory:
- %WINDOWS%\system32\iehelper.dll
- %WINDOWS%\sysguard.exe
Oemantivir.microsoft.com creates the following registry entries:
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
- HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
- HKEY_CURRENT_USER\Software\AvScan
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “system tool”
Important Article Disclaimer
This entry was posted on 08/17/09 and is filed under Rogue Websites.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
