Multi-Device Licenses (Volume Discounts)

Change Region

English Español Português
Threat Database Rogue Websites Coantivirus.com

Coantivirus.com

By GoldSparrow in Rogue Websites
Translate To:
English

Coantivirus.com also known as Coantivirus.microsoft.com is a malicious domain that advises unsuspecting users to purchase Antivirus System PRO. Users that encounter Coantivirus.com have already been infected with a Trojan that helps distribute the misleading webpage. The Trojan sneakily enters a user's system and modifies the registry and hosts file, causing a victim to be frequently redirected to Coantivirus.com.

Once a victim has hit Coantivirus.com a fake system scan will be conducted. The scan will claim that the victim's computer is seriously infected and then persuade the victim to purchase the "licensed version" of Antivirus System PRO in order to remove the detected malware. Users are advised to ignore all fake security alerts displayed on Coantivirus.com and never purchase the rogueware Antivirus System PRO.

File System Details

Coantivirus.com may create the following file(s):
Expand All | Collapse All
# File Name Detections
1. %WINDOWS%\system32\iehelper.dll
2. %WINDOWS%\sysguard.exe

Registry Details

Coantivirus.com may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "system tool"

Trending

Most Viewed

Loading...