Archive for September 16th, 2008

16
Sep

Virus Response Lab 2009

By stingner Comment
Categories: Database Update, MalSpam, Malicious Domains, Malware, Rogue Security Software and Rogue Software

Note: This site is distributing Rogue “Fake” Anti-Malware product. Do not visit, pay, or download the software discussed below.

Virus response Lab 2009

Site:

* hxxp://viruslabs2009.com/

File: virlab_install.exe
VirusTotal: Result: 9/36 (25%)
File size: 1579973 bytes
MD5…: 93fef280425ad6fb002430abb8cf216d
SHA1..: 766a414faa1e062c0ce40f1ede93a3d166902b6c
SHA256: 4346309f29aacf14cd0fc764ccac674572a498b7f80e1a4018265008cbf1ba4c
SHA512: 371d231b30c32756be1dbd5b50e26144d506abe895a6893fdcea866b8353e310
8548ded05366e25c2d968dffa506880e8729b7b8a6b4f4e06c3814d903eba37e
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)

MDB: /stingner-malware/

Removal:

Remove this threat with MalwareBytes!

16
Sep

Web Spy Shield – 1 file added – 2 domains added (1/36)

By lithium Comments
Categories: Database Update and Rogue Security Software

Note: This site is distributing Rogue “Fake” Anti-Malware product.  Do not visit, pay, or download the software discussed below.

Web Spy Shield

Sites:

  • hxxp://scan-em-now-xp-antivirus.com
  • hxxp://top-online-antivirus-xp.com

File: antivirus.v.1.exe
VirusTotal: Result: 1/36 (2.78%)
File size: 28164 bytes
MD5…: 0e019d642a39fa76ab381c17dec5b040
SHA1..: 0ababc80b7c05b6bbcd240c9b1c5a6b402b6e444
SHA256: d9a79ec9d1d03bc8be70ea47c3fe59894269334acdcc4a39d4593414f8dd6cfc
SHA512: a75cc344058a1612b70b8ad637c9c647fcfdd5268133883e7955c019bf27fb96
9b8478ca3c8fa58cca7cb3b80b5a1a030cba7a91c2b73a73fb5d7299e6b37d03
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
VXD Driver (0.1%)

16
Sep

Beware of System Cleaner and Hardware Doctor

By lithium Comments
Categories: Database Update

Note: This site is distributing Rogue “Fake” Anti-Malware product.  Do not visit, pay, or download the software discussed below.

Today we report suspicious rogue like activity coming from several websites pointing to the same System Cleaner and Hardware doctor purchase page.  The download, if it even exists, is only available after purchase.

System Cleaner

Sites:

  • hxxp://antivirus-cs1.com
  • hxxp://antivirus-cs2.com
  • hxxp://antivirus-cs3.com
  • hxxp://antivirus-cs4.com
  • hxxp://antivirus-cs5.com
  • hxxp://antivirus-cs6.com
  • hxxp://antivirus-cs7.com
  • hxxp://antivirus-cs8.com
  • hxxp://antivirus-cs9.com
  • hxxp://antivirus-cs10.com
  • hxxp://antivirus-cs11.com
  • hxxp://antivirus-cs12.com
  • hxxp://antivirus-cs13.com
  • hxxp://antivirus-cs14.com
  • hxxp://antivirus-cs15.com


 

September 2008
M T W T F S S
« Aug   Oct »
1234567
891011121314
15161718192021
22232425262728
2930