A recent tour of scareware XIII

More domains, IP addresses and related hosting malicious code type scareware (rogue) that during this month are spreading threats. As always, the recommendation is to block these addresses and domains.

Antivirus Security
MD5: db924706a824c5c43feebbe6a781d1ba
IP: 84.16.237.52
Germany Berlin Netdirekt E.k
Domains associated
best-antivirus-security .com

Result: 29/41 (70.73%)



Malware Remobal Tool
MD5: 72b06c550ccbd110be2a4ce66b7bd7c1
IP: 174.132.250.194
United States Dallas Theplanet.com Internet Services Inc
Domains associated
malwarebot.org
malwaree.com
malwaree.org
remove-a360.com
remove-antivirus-360.com
remove-antivirus-system-pro.com
remove-antivirusbest.com
remove-av360.com, remove-ie-security.com, remove-malware-defender.com, remove-malware-doctor.com, remove-ms-antispyware.com, remove-personal-antivirus.com, remove-personal-defender.com, remove-spyware-guard.com, remove-spyware-protect-2009.com, remove-spyware-protect.com, remove-system-guard.com, remove-ultra-antivir-2009.com, remove-ultra-antivirus-2009.com, remove-virus-alarm.com, remove-virus-melt.com, remove, winpc-antivirus.com, remove-winpc-defender.com, smitfraudfixtool.com, vundofix.org, vundofixtool.com, www-malware.org, www.av360removaltool.com, www.malwarebot.org, www.malwaree.com, www.malwaree.org, www.remove-ms-antispyware.com, antivirus360remover.com, av360removaltool.com

Result: 9/41 (21.95%)

akaysu.cn, ajowah.cn/installer_1.exe, atiqad.cn/video.php?wm=70157&n=15, atiqad.cn/installer_70157.exe, akaysu.cn/video.php?wm=70157&n=15 (195.95.151.174), getavplusnow .com/se.exe, antivirusplus-ok.com/redirect.php, getavplusnow .com/install/InternetExplorer.dll (195.95.151.176) - Ukraine Kiev Eastnet-ua-net
mirmuzappar .net/setup.exe (210.51.181.129) - China Beijing Cnc Idc Customer
rondo-trips.cn/go.php?id=2010-10&key=b8c7c33ca&p=1 (83.133.123.113) - Germany Lncde-greatnet-newmedia
kahold.info/download/install.php (204.27.57.227) - United States Kansas City Aarons.net
downloadxxtube .com/download/setup.exe (78.159.98.70) - Germany Berlin Netdirekt E.k
www.antispyware.com, adwarealert.com/install.php (75.125.200.226), regsweep.com/install.php (75.125.241.58) - United States Dallas Theplanet.com Internet Services Inc
pluspromooffer.com/srm/adv/142, showpromooffer.com/srm/adv/142 (212.95.53.143) - Lithuania Kaunas Netdirect-uab-retrogarsas
microwaresoftware.com/download.php (89.149.207.120) - Germany Berlin Netdirekt E.k
guardlab2009 .net/InstallerWF.exe (76.76.103.164) - Malaysia Ronn Chang
online-defenderv9.com (94.102.51.26) - Netherlands Amsterdam As29073 Ecatel Ltd

Error Repair Tool
IP: 75.125.61.163
United States Dallas Theplanet.com Internet Services Inc
Domains associated
errorrepairtool .com, errorsrepair .com
errorstool .com, www.errorstool .com


Antivirus System Pro = System Guard 2009
IP: 91.206.201.8
Ukraine Pe Sergey Demin
Domains associated
oemantivir.com
avir-guardian.com
avir-protect.com
aviremover.com, aviremover2009.com, avirguardian.com, avirprotect.com, avremoverpro.com, awareprotect.com, esysprotect.com, esysprotector.com, intsecurepro.com, intsecureprof.com, osguardpro.com, ossecure2009.com, scanforspywarenow.com, www.avir-guardian.com, www.avir-protect.com, www.esysprotector.com

Save Soldier
MD5: 71f3f5fa2d4d5a48aaecde6cc926c28a
IP: 194.54.81.18
Ukraine Realon Service Llc
Domains associated
savesoldier .com
wersincast .com
winbluesoft.net
winishield .com

Result: 6/41 (14.64%)

Related information this Blog
Una recorrida por los últimos scareware XII
Una recorrida por los últimos scareware XI
Una recorrida por los últimos scareware X
Una recorrida por los últimos scareware IX
Una recorrida por los últimos scareware VIII
Una recorrida por los últimos scareware VII
Una recorrida por los últimos scareware VI
Una recorrida por los últimos scareware V
Una recorrida por los últimos scareware IV
Una recorrida por los últimos scareware III
Una recorrida por los últimos scareware II
Una recorrida por los últimos scareware

Jorge Mieres