Antiviran.com

By Domesticus in Browser Hijackers

Antiviran.com is a malicious website. If you find that your browser is redirecting you to Antiviran.com, do not purchase anything on the site, and do not trust anything that Antiviran.com may tell you about your computer's security. If you aren't being redirected to Antiviran.com, do not attempt to visit the site. There is nothing real or useful on Antiviran.com.

The name "Antiviran.com" refers to two things: a browser hijacker, and a malicious website that the hijacker redirects to (and which is also a payment site for a scam). Both the hijacker and the website Antiviran.com support the rogue anti-virus software Antivirus Monitor. In other words, both of them exist in order to trick you into thinking that Antivirus Monitor is real anti-virus software, so that you will pay for it and download Antivirus Monitor. However, Antivirus Monitor is malware, and although Antivirus Monitor pretends to be a security application, Antivirus Monitor is completely useless for scanning for or removing threats.

The Hijacker Antiviran.com

The browser hijacker Antiviran.com typically downloads itself to the affected computer via Trojans. What happens is that while you are online, you click on a link in a fake or malicious advertisement that initiates the download, or you download a file or program update (from a site other than that of the program's publisher), and the Trojan is secretly bundled with the download. Either way, you will not notice that something has occurred until the hijacker Antiviran.com starts causing problems.

The symptoms of an infection with the hijacker Antiviran.com are easy to spot. As the name implies, the hijacker Antiviran.com will hijack your web browser, and cause it to navigate to the website Antiviran.com. Whenever you try to view another site, your browser will go to Antiviran.com instead. Furthermore, the hijacker Antiviran.com may change your home page, and Antiviran.com may cause pop-up advertisements and alerts to appear while you are online. Generally, these advertisements and alerts will warn that your computer may be insecure, and they will recommend a download of Antivirus Monitor. (Obviously, you shouldn't download Antivirus Monitor for any reason!)

Analyses of the actual files created by the hijacker Antiviran.com reveal that once Antiviran.com is installed, the hijacker tries to contact a remote host. However, the remote host appears to be the website Antiviran.com itself, so there is not enough evidence to say that the hijacker Antiviran.com is used for spying on the user of the infected computer, or for stealing private information. The hijacker may be capable of spying on or manipulating the affected computer in other ways, but at present, there are insufficient data to support that theory.

The Website Antiviran.com

The website Antiviran.com is a clone of every other website that promotes Antivirus Monitor. Antiviran.com uses the same minimalistic design, bland yellow color scheme and blue shield logo, along with a handful of definitions of malware terminology that are repeated in several places in order to fill space. The website Antiviran.com has fake testimonials about how great Antivirus Monitor is, along with a fake company address, and a completely phony customer support email form. Of course, all of this lame, low-quality content is only present in order to make Antiviran.com appear to be a legitimate website. It's all set dressing for the star of the site, which is the payment page – the only page that the crooks behind Antiviran.com and Antivirus Monitor really care about anyone visiting. If you enter your credit card information into Antiviran.com's payment page, you are paying into a scam and giving criminals everything they need in order to make fraudulent charges to your card.

The most public layer of the registration information for the website Antiviran.com shows that the site is registered to someone in California. Look a little deeper, however, and you will find that the IP address for Antiviran.com is currently 91.217.162.49, which points to a location in Ukraine, and which belongs to Tirexhost. Even that is a misdirection, since Tirexhost isn't even actually operated out of Ukraine. Tirexhost is operated out of St. Petersburg, Russia; therefore, Antiviran.com ultimately can be traced to an origin in Russia. Also, although Tirexhost hosts several hundred websites, detailed examination of its sites has yet to reveal a single website that is not malicious. Antiviran.com ought to be treated with suspicion just for being a Tirexhost site, not to mention the huge Antivirus Monitor scam that Antiviran.com promotes.

File System Details

Antiviran.com may create the following file(s):
# File Name Detections
1. %TempDir%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
2. %TempDir%\[RANDOM CHARACTERS]

Registry Details

Antiviran.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '.exe'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = '127.0.0.1:33554'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ''
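
An added example, not part of the original entry: a triage check that reads the text of a `reg export HKCU` file and reports which of the values listed above are present with the listed data. It assumes the export has already been decoded to text (exports are normally UTF-16); the sample export and the function names are constructed for illustration.

```python
import re

# Indicators copied from the registry list above: (HKCU subkey, value name) -> data.
# All lower-cased; DWORD data is compared as a decimal string.
IE = r"software\microsoft\internet explorer"
CV = r"software\microsoft\windows\currentversion"
INDICATORS = {
    (CV + r"\policies\associations", "lowriskfiletypes"): ".exe",
    (IE + r"\phishingfilter", "enabled"): "0",
    (CV + r"\internet settings", "proxyenable"): "1",
    (CV + r"\internet settings", "proxyserver"): "127.0.0.1:33554",
    (CV + r"\internet settings", "proxyoverride"): "",
    (IE + r"\download", "checkexesignatures"): "no",
    (IE + r"\download", "runinvalidsignatures"): "1",
}
# The Run entry is not matched: the page gives no value name or data for it.

KEY_RE = re.compile(r"^\[HKEY_CURRENT_USER\\(.+)\]$", re.I)
VAL_RE = re.compile(r'^"([^"]*)"=(?:dword:([0-9a-f]{8})|"(.*)")$', re.I)

def parse_reg(text):
    """Yield (subkey, name, data) for string and DWORD values under HKCU."""
    subkey = None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            m = KEY_RE.match(line)
            subkey = m.group(1).lower() if m else None  # None: other hive
        elif subkey and (m := VAL_RE.match(line)):
            name, dword, string = m.groups()
            data = str(int(dword, 16)) if dword else string.replace("\\\\", "\\")
            yield subkey, name.lower(), data.lower()

def find_indicators(text):
    """Return the (subkey, name, data) triples that match the page's list."""
    return [hit for hit in parse_reg(text) if INDICATORS.get(hit[:2]) == hit[2]]

# Constructed sample export (not taken from a real host).
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="127.0.0.1:33554"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
"CheckExeSignatures"="yes"
"RunInvalidSignatures"=dword:00000001
"""

if __name__ == "__main__":
    for subkey, name, data in find_indicators(SAMPLE):
        print(f"HKCU\\{subkey} {name!r} = {data!r}")
```

A single hit such as "ProxyEnable" = 1 is common on managed hosts; the loopback proxy on port 33554 together with the disabled signature and phishing-filter checks is the combination worth escalating.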

Messages

The following messages associated with Antiviran.com were found:

Windows detected a hard drive problem
Drive initialization error
Hard drive doesn't respond to system commands
Registry error
Critical Error: system cannot find hard disk space
Critical Error: RAM memory failure
