Coantivirus.com
Coantivirus.com (or Coantivirus.microsoft.com) hacks your browser and makes you hit a bad website that compels you to buy the rogue anti-spyware program Antivirus System PRO. Coantivirus.com changes the Hosts file and browser settings without asking for user permission. Coantivirus.com will lead the user to a fraudulent website that claims you have insecure Internet activity going on and insists that you purchase Antivirus System PRO licensed software. Once you get redirected to Coantivirus.com, you should be able to exit the web page - but it will keep coming back and the only way to stop Coantivirus.com from playing havoc is by removing the hijacker from the computer system.
File System Modifications
- The following files were created in the system:
# File Name 1 %WINDOWS%\sysguard.exe 2 %WINDOWS%\system32\iehelper.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\AvScanHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "system tool"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.