07 Nov 08

Spyware Protector

Note: The sites we talk about in this post distribute a rogue (“fake”) anti-malware product. Do not visit, pay for, or download the software discussed below.

Here is a newer rogue threat we found to be active today.  The files are not available yet.

Spyware Protector

Whois:

ICANN Registrar:  ONLINENIC, INC.
Created:  2008-09-29
Expires:  2009-09-29
Updated:  2008-11-05
Registrar Status:  ok
Name Server:  NS1.FREEFASTDNS.COM (has 135 domains)
Name Server:  NS2.FREEFASTDNS.COM
Whois Server:  whois.onlinenic.com

Server Data
IP Address:  89.149.255.190
IP Location:  Germany – Netdirekt E.k
Response Code:  200
Domain Status:  Registered And No Website

DomainTools Exclusive
Registrant Search: “Shestakov Yuriy” owns about 4,332 other domains

Terse Summary:

GET hxxp://adserver.eosads.com/redirect3/traf.php?id=454 200 OK
GET hxxp://adserver.eosads.com/redirect3/scr.php?a=754739&lang=en-us&id=454&ref=http://spyware-protector.com/  200 OK
GET hxxp://spyware-protector.com/in.php  404 Not Found
GET hxxp://spyware-protector.com/install.php 200 OK
GET hxxp://spyware-protector.com/favicon.ico 404 Not Found



SANDBOX

SANDBOX ANALYSIS PAGE




 
