A recent tour of scareware V
More and more malware flow rate scareware, or rogue, that plague Internet deplegable strategies increasingly elaborate deception, and which code is constantly subject to manipulation by their creators entorpedecer detection by companies AV.
Some of the scareware who met during the last month are:
Antivirus 2009 Protection
MD5: fc6d3c36579907e3234d11e45aaff32eIP: 91.211.64.47
Russian Federation Ural Industrial Company Limited Platform: Windows
Domain Associates
bestantcomputerprotection. com
VT Report: 30/ 39 (76.93%)
Filter Spyware
MD5: 43aab2992405b0aefd7f895ceb3051b6IP: 92.62.101.123
Tallinn Estonia Starline Web Services Platform: Windows
Domain Associates
spw-fighter.com, spwfighter.com, spyware-fighter.com, spyware-fight.com, spywarefighter2009. com, swwfight.com, swwfight.net, scandalmature.com, searchmysites. com, sexdvds.ru, spylee. com
VT Report: 3/ 39 (7.7%)
Malware Defender 2009
MD5: afdff49097316d0a3e1b5c518c308f84 IP: 67.43.237.75
Ukraine Olexij Khrenov Platform: Windows
Domain Associates
malwaredefender2009.com, systemguard2009. com, systemguard2009m. com
VT Report: 32/ 40 (80.00%)
Win PC Defender
(Cloning of Police XP Antivirus)
MD5: b6bc68b2343669779ac8097b8ab1fd21
IP: 213.163.65.10
Netherlands Rotterdam Interactive 3d
Platform: Windows
Domain Associates
win-pc-defense.com, loyaltube.com, msjoinpayment.com, rakompoporyadkunazaryadku. com, iloveyourbrain. com, loyaltube. com, loyaltube09. com, loyaltube10. com, setupdatdownload. com, velzevuladmin. com, xp-police-09. com, xp-police-2009. com, xp-antivirus-police. com, xp-police-av. com, xp-police-engine. com
VT Report: 18/ 39 (46.15%)
(Cloning of Police XP Antivirus)
MD5: b6bc68b2343669779ac8097b8ab1fd21IP: 213.163.65.10
Netherlands Rotterdam Interactive 3d Platform: Windows
Domain Associates
win-pc-defense.com, loyaltube.com, msjoinpayment.com, rakompoporyadkunazaryadku. com, iloveyourbrain. com, loyaltube. com, loyaltube09. com, loyaltube10. com, setupdatdownload. com, velzevuladmin. com, xp-police-09. com, xp-police-2009. com, xp-antivirus-police. com, xp-police-av. com, xp-police-engine. com
VT Report: 18/ 39 (46.15%)
Search and Destroy
MD5: 8fb526b68a826cd3c87f0bf39a22c8df IP: 68,178,212,133
United States Scottsdale Godaddy.com Inc Platform: Windows
Domain Associates
search-and-destroy. com
SysCleaner Pro
MD5: 243062dfaaa21513cee37d14351b4644 IP: 64.191.12.38
United States Scranton Network Operations Center Inc Platform: Windows
Domain Associates
syscleanerpro. com, system-cleanerpro. com, totalantispyware.com, totalantispyware. net, totalantispyware2009. com
VT Report: 1/ 39 (2.57%)
Spy Fighter
IP: 74.52.155.194 Texas - Dallas - Theplanet.com Internet Services Inc Platform: Windows
Domain Associates
spy-fighter. com
11ox. Com
1getcarinsurance. Info
Renus 2008
MD5: da071a820af815e85ddded315d5cd919IP: 88.214.202.5
United Kingdom Real International Business Corp Platform: Windows
Domain Associates
renus2008. com, byboard. com, Intop. name, katorga. com, rudvd.com. ru
VT Report: 23/ 39 (58.97%)
Antivirus Agent Pro
MD5: ddf7db23b6f4b4db13cfd07da733a7e7IP: 82.146.49.35
Florida - Crystal River - Ispsystem At Birth Platform: Windows
Domain Associates
avagentpro. com
VT Report: 19/ 39 (48.72%)
In each of the cases submitted, add the respective domains associated with each scareware. This information is useful for blocking malicious domains.
Related information
A recent tour of scareware IV
A recent tour of scareware III
A recent tour of scareware II
A recent tour of scareware
Jorge Mieres
0 comentarios:
Post a Comment