A recent tour of scareware III

Malicious code scareware type (or rogue) will not cease to methodologies of infection. Every day I find new malicious programs of this type, and many of them are clones of other not limited to the most widely used platform (Windows) but many of them are focusing their efforts on attacking other platforms like Mac every time earn more fans.

In recent days have reported many cases, including:

Cleaner 2009
MD5: 58f4cae88de364d7a16d43f123d13cf8
IP: 89.18.181.9
- Netherlands - Ion
Platform: Windows
Associated domains:
cleaner2009solution. com
Antimalwaresuite2009. Com
VT Report: 9/ 38 (23.69%)

Antivirus 2009 Sys
MD5: 29c306e8b9791a919d6ccdd4d67b483b
IP: 94.247.2.75
Latvia - Zlkon
Platform: Windows
Associated domains:
sysantivirus2009. com
Antivirusnano. Com
VT Report: 19/ 39 (48.72%)

System Guard 2009
MD5: b32d763e5885a2d8520a47985a38dd8c
IP: 78.26.179.253
Odessa Ukraine Renome-Service: Joint Multimedia Cable Network
Platform: Windows
Associated domains:
systemguard2009m. com
systemguard2009. com sgviralscan. com sgproduct. com sgproductm. com getsgd3. com getsysgd09. com sg10scanner com sg11scanner. com sg12scanner. com sg9scanner. com sgonlinescan. com
VT Report: 8/ 39 (20.51%)

AntiSpyware Bot
MD5: caed5dde32e78f4e86792fe830ac1f6e
IP: 75.125.61.162
United States - Dallas - Theplanet.com Internet Services Inc
Platform: Windows
Associated domains:

2Square. Com
errorsweeper. com
privacycontrol. com
regclean. com www.antispywarebot. com

VT Report: 13/ 39 (33.34%)

Antivirus XP Pro
MD5: 161e8f7aac8c7ffb9f94dba38125bd75
IP: 77.91.225.235
Russian Federation - Netplace
Platform: Windows
Associated domains:
Allsupertubesonl. Com
Antivirusxppro2008. Com
Antivirusxppro2009. Com
VT Report: 19/ 37 (51.36%)


IE Security
MD5: c2c79c4dbcda629f6422623a4e334840
IP: 216,240,151,135
United States - Los Angeles - Atmlink Inc
Platform: Windows
Associated domains:
ie-security. com
Megavidon. Cn
Secured-software-order. Com
ie-security-config. com
webfreescan. cn
VT Report: 22/ 39 (56.42%)

WinDefender 2009
MD5: e3940a9e664dd80428803a09b27d3c0e
IP: 78.157.141.6
Latvia Ultranet
Platform: Windows
Associated domains:
77,244,220,156
119.47.81.151
VT Report: 18/ 39 (46.16%)
WinDefender 2009 is a clone of IE Security.

Internet Smart Security
MD5: 597d74008fbf3540649a71415f719c73
IP: 199,238,181,161
Colorado - Englewood - Ntt America Inc
Platform: Windows
Associated domains:
Intelinet-global. net
www.intelinet-global. net
VT Report: 17/ 39 (43.59%)

Total Defender
MD5: 8bcb981220d0145621a88c4881a6d2d2
IP: 94.247.2.41
Latvia - Zlkon
Platform: Windows
Associated domains:
rusexportal. com
total-defense. com
Webfreefind. com
VT Report: 23/ 39 (58.98%)



Police Antivirus XP
MD5: 8b4e351b819eacf152938cf3f58b5c43
IP: 216,240,151,134
California - Los Angeles - Atmlink Inc
Platform: Windows
Associated domains:
asvpay. com
configupdatestart. com lickmydicktube. com mybestelitemovies. com ruler-cash. com ruler-stat. com spy-partners. com xp-police. com
VT report: 28/ 39 (71.8%)

XP Protection Center
MD5: cab283aab0df5d0b102a41a5c42317d5
IP: 206.161.126.43
United States - Beyond The Network America Inc
Platform: Windows
Associated domains:
xp-protection-center. com
xpp-center. com
xppcenter. com
VT Report: 37/ 39 (94.88%)

iMunizator
MD5: 02175c605820cffa4c2fdf8a162e7300
IP: 67.205.75.10
Ukraine - Individual
Platform: Mac
Associated domains:
imunizator. net
VT Report: 3/ 39 (7.7%)
More in attacking Mac systems through security tool falas

Antispy Knight
MD5: ef7e0a364cb352a9d9aa5a3b83e2ad51
IP: 193.138.172.5
Latvia - Baltconn-net
Platform: Windows
Associated domains:
antispyknight. biz
VT Report: 11/ 39 (28.21%)

Related information
A recent tour of scareware II
A recent tour of scareware

Jorge Mieres