Adware, malware, spyware, hijacker discussion and information

[Gain Knowledge]  [Install Prevention]  [Maintain Security]  [Spyware Removal Help]


It is currently Wed Sep 17, 2014 2:33 pm

All times are UTC - 7 hours




Post new topic Reply to topic  [ 51 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: Rogue\Suspect & Rogue Remover Anti-Spyware List Update
PostPosted: Sat Feb 09, 2008 2:17 pm 
Offline
Countermeasures Agent
Countermeasures Agent
User avatar

Joined: Tue Feb 22, 2005 7:53 pm
Posts: 15
Location: 127.00.00.1
boy have i been out of the loop!!
i d/led that will give it a run through!!

_________________
Image
http://www.spywarewarrior.com/
Donate Please to help the victims of tsunami http://www.redcross.ca/



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue\Suspect & Rogue Remover Anti-Spyware List Update
PostPosted: Sat Feb 09, 2008 7:45 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
wawadave wrote:
boy have i been out of the loop!!
i d/led that will give it a run through!!
Dave, Eric hasn't updated his rogues list since May of '07, making it nearly useless IMHO.

Marcin updates his RogueRemover very frequently and you can view his RogueNET forum and see what's being tested for inclusion to the db.

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue\Suspect & Rogue Remover Anti-Spyware List Update
PostPosted: Sat Feb 09, 2008 8:41 pm 
Offline
Countermeasures Agent
Countermeasures Agent
User avatar

Joined: Tue Feb 22, 2005 7:53 pm
Posts: 15
Location: 127.00.00.1
well thats to long not to up date i will be recomending this app now!1
thx temerc

_________________
Image
http://www.spywarewarrior.com/
Donate Please to help the victims of tsunami http://www.redcross.ca/



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue\Suspect & Rogue Remover Anti-Spyware List Update
PostPosted: Tue Feb 26, 2008 4:24 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Bakasoftware Expanding their List
Tuesday, February 26, 2008

Quote:
A month ago a new group called Bakasoftware (Bakasoftware.com) aka Pandora-Software released three Rogue security applications. The list of applications is as follows:
  • EasySpywareCleaner -.com
  • Spy-Rid -.com
  • InfeStop -.com
  • WinIFixer -.com
Tobesoftware.com and On-linelist.com but these two sites are not functional yet
0-= More w\Screen Shots @ Bharath's Security Blog

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue\Suspect & Rogue Remover Anti-Spyware List Update
PostPosted: Sat Mar 01, 2008 2:37 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Version 166 (2/19/08)

[Added]
EliteProtector, MalwareCore, SpyBurner, SpywareSolver, SysCleaner, WinReanimator, WinSpyKiller, WinXDefender, XPDefender

[Updated]
Rogue.Infector, VirusHeat

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue\Suspect & Rogue Remover Anti-Spyware List Update
PostPosted: Sat Mar 01, 2008 2:38 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Version 167 (3/1/08)

[Added]
Bug Doctor, DoctorVaccine, SpyWarp, VirusRanger, VsSpy

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Mar 7]
PostPosted: Fri Mar 07, 2008 4:29 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
A Crooked Review, or Creative Marketing?
Posted by John Park on March 7, 2008
Quote:
If you search for the word "antivirus" on major search engines like Google, Yahoo, or MSN there is a possibility you will end up with "6StarReview.com" or "StarReviews.com" with a link name like "Top 10 Antivirus for 2008" as one of top sponsored ads. The Star Reviews is basically a Web-only review site that covers everything from blog services to online banking. Perhaps the site is a bit heavy on affiliate links, but nothing out of the ordinary. No pop-ups. No browser exploits. All in all, it looks legit.

However, while reading the rankings of "2008 Antivirus Review," I felt somewhat uncomfortable, to a similar degree as when I watched the episode of "Will It Blend: iPhone." The rankings show "The Shield Deluxe" as the best AV product. A product that I have never heard of before, beating all other major vendors like CA, BitDefender, Norton, Kaspersky, NOD32, Panda, McAfee, and TrendMicro. This was disturbing to me in two different ways at the same time:
    1) Is this product really that good? I usually keep up with the latest security technologies and products. So, if I have missed this dark horse until it has reached the number one in the ranking, then I have not done my due diligence of keeping up the market research.
    2) Is this review rigged? What's in it for the reviewer to place a no-name product on the top of the list? Is this product even a real product?
0-= More Details @ Symantec Security Response Blog

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Mar 7]
PostPosted: Fri Mar 07, 2008 4:32 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
The info below is all related to the site in question on the Symantec blog, except I've not blocked out the public information and included other IPs and domains associated.
TeMerc wrote:
Registrant:
Star Advertising, Inc.
150 West 25th Street
New York, New York 10001
United States

Registered through: GoDaddy.com, Inc. (godaddy.com)
Domain Name: STARREVIEWS.COM
Created on: 15-Jan-05
Expires on: 15-Jan-12
Last Updated on: 30-Oct-07

Administrative Contact:
frischman, arthur arthur[AT]6starreviews.com
Star Advertising, Inc.
150 West 25th Street
New York, New York 10001
United States
5612517198

Technical Contact:
frischman, arthur arthur[AT]6starreviews.com
Star Advertising, Inc.
150 West 25th Street
New York, New York 10001
United States
5612517198

Domain servers in listed order:
NS1.GEODNS.NET
NS2.GEODNS.NET


Other sites on same IP, listed in hpHOSTS:
    1 6starreviews.com 63.246.20.208
    2 hxxp://www.6starreviews.com 63.246.20.208
    3 medeox.com 64.34.180.202
    4 myfastsearch.com 64.34.180.202
    5 trafficdiscount.com 64.34.180.16
0-= hpHOSTSOnline

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Mar 7]
PostPosted: Fri Mar 07, 2008 4:52 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Sun May 15, 2005 12:42 pm
Posts: 3706
Location: Newcastle, UK
It actually gets alot worse ;)

http://hosts-file.net/pest.asp?show=63.246.20.

_________________
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Mar 7]
PostPosted: Fri Mar 07, 2008 6:09 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
MysteryFCM wrote:
rofl

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Mar 7]
PostPosted: Mon Mar 17, 2008 7:53 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Version 169 (3/17/08)
[Added]
SpyCatchE

[Updated]
SpywareIsolator

[Removed]
PCSleek Error Cleaner
====================================
Version 168 (3/16/08)
[Added]
SearchAndDestroy, SpyKillerPro, TheSpyBot, Unigray Antivirus, WinIFixer
No other updates, removals or notes
=======================
Version 167 (3/1/08)
[Added]
Bug Doctor, DoctorVaccine, SpyWarp, VirusRanger, VsSpy
No other updates, removals or notes

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Mar 31]
PostPosted: Mon Mar 31, 2008 2:12 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Version 170 (3/31/08)
[Added]
ProAntispy, ProtectingTool, XPCleaner

[Updated]
No applications were updated.

[Removed]
No applications were delisted.

[Notes]
No further comments.

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Apr 8]
PostPosted: Tue Apr 08, 2008 4:48 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Version 171 (4/5/08)

[Added]
AdwareAlert, WinXProtector

[Updated]
No applications were updated.

[Removed]
No applications were delisted.

[Notes]
No further comments.

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Apr 14]
PostPosted: Mon Apr 14, 2008 7:47 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Localized Fake Security Software
Monday, April 14, 2008

Would you believe that in times when top tier antivirus vendors are feeling the heat from the malware authors' DoS attacks on their honeyfarms, and literally cannot keep up with their releases, someone out there is using an antivirus scanner that doesn't really exist? It's one thing to promote fake security software in a one-to-many communication channel by using a single language in a combination with cybersquatted domains, and entirely another to do the same in different languages. Localization for anything malicious is already taking place, as originally anticipated as an emerging trend back in 2006. The following currently active fake security software scams are promoted in Dutch, French, German, Italian, and you don't get to download them until you hand out your credit card details, and once you do so, you'll end up in the same situation just like many other people did in the past.

Some sample fake brands:
  • SpyGuardPro
  • PCSecureSystem
  • AntiWorm2008
  • WinSecureAv
  • MenaceRescue
  • PCVirusless
  • LifeLongPC
  • NoChanceForVirus
  • MenaceMonitor
  • TrojansFilter
  • TrojansFilter
  • LongLifePC
  • KnowHowProtection
  • BestsellerAntivirus
  • PCVirusSweeper
  • AVSystemCare
  • AVSecurityPlus
  • AVSecurityPlus
  • PCAssertor
  • PoseidonAntivirus
  • TrustedAntivirus
  • PCBoosterPro
  • DefensiveSystem
  • GoldenAntiSpy
  • AntiSpywareSuite
  • AntiMalwareShield
  • AntivirusPCSuite
  • AntivirusForAll
  • TrustedProtection
  • NoWayVirus
  • AntiSpywareConductor
  • AntiSpywareMaster
  • TurnkeyAntiVirus
  • YourSystemGuard
    Portfolio one:
    • alfaantivirus.com
    • antivirusalmassimo.com
    • farrevirus.com
    • fomputervagt.com
    • figitalerschutz.com
    • flmejorcuidado.com
    • ferramentantivirus.com
    • filterprogram.com
    • filtredevirus.com
    • geeninfectie.com
    • harddrivefilter.com
    • keineinfektionen.com
    • longueviepc.com
    • maseg.net
    • nonstopantivirus.com
    • pcantivirenloesung.com
    • pcsystemschutz.com
    • plutoantivirus.com
    • psbeveiligingssysteem.com
    • riendevirus.com
    • securepcguard.com
    • sekyuritikojo.com
    • sistemadedefensa.com
    • sumejorantivirus.com
    • totaltrygghet.com
    • viruscontrolleuer.com
    • viruswacht.com
    • votremeilleurantivirus.com
    • zeusantivirus.com
    Portfolio two:
    • advancedcleaner.com
    • alltiettantivirus.com
    • antispionage.com
    • antispionagepro.com
    • antispypremium.com
    • antispywarecontrol.com
    • antispywaresuite.com
    • antiver2008.com
    • antivirusaskeladd.com
    • antivirusfiable.com
    • antivirusforall.com
    • antivirusforalla.com
    • antivirusfueralle.com
    • antivirusgenial.com
    • antivirusmagique.com
    • antivirusordi.com
    • antivirusparatodos.com
    • antiviruspcpakke.com
    • antiviruspcsuite.com
    • antiviruspertutti.com
    • antivirusscherm.com
    • antiworm2008.com
    • antiwurm2008.com
    • archivoprotector.com
    • avsystemcare.com
    • avsystemshield.com
    • barrevirus.com
    • bastioneantivirus.com
    • bestsellerantivirus.com
    • bortmedvirus.com
    • cerovirus.com
    • debellaworm2008.com
    • defensaantimalware.com
    • defensaantivirus.com
    • drivedefender.com
    • exterminadordevirus.com
    • fiksdinpc.com
    • mijnantivirus.com
    • mobileantiviruspro.com
    • norwayvirus.com
    • nowayvirus.com
    • pcantivirenloesung.com
    • plutoantivirus.com
    • viruscontrolleuer.com
    • zebraantivirus.com
    • zeusantivirus.com
    Portfolio three:
    • pcsecuresystem.com
    • antiworm2008.com
    • winsecureav.com
    • menacerescue.com
    • pcvirusless.com
    • lifelongpc.com
    • nochanceforvirus.com
    • menacemonitor.com
    • trojansfilter.com
    • longlifepc.com
    • knowhowprotection.com
    • bestsellerantivirus.com
    • pcvirussweeper.com
    • antiespiadorado.com
    • avsecurityplus.com
    • apolloantivirus.com
    • pcassertor.com
    • menacesecure.com
    • poseidonantivirus.com
    • trustedantivirus.net
    • pcboosterpro.com
    • defensivesystem.com
    • goldenantispy.com
    • avsystemcare.com
    • trustedantivirus.com
    • antimalwareshield.com
    • avsystemcare.com
    • antiviruspcsuite.com
    • antivirusforall.com
    • trustedprotection.com
    • nowayvirus.com
    • pcantiviruspro.com
    • antispywareconductor.com
    • antispywaremaster.com
    • turnkeyantivirus.com
    • yoursystemguard.com
0-= Continued @ DDanchev Blog

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [Apr 14]
PostPosted: Thu May 15, 2008 9:56 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Bakasoftware’s saga continues
Thursday, May 15, 2008
Quote:
Bakasoftware (Bakasoftware.com) aka Pandora-Software is again busy releasing new rogue applications.

Advanced XP Defender is the new rogue from this group.

Site Name: Advancedxpdefender.com
IP Address: 216.240.138.207

Advanced XP Defender is a clone of WinIFixer application the scammers are so lazy that they even have left the traces of WinIFixer name in Advanced XP Defender application.

The group also uses many sites to push WinIFixer another rogue from the same group. Following are the different sites that are used for advertising WinIFixer.

Site Name: Winifixer.net
Site Name: Winifixer.org
Site Name: Winqfixer.com
IP Address: 216.240.138.207

The following is the affiliate program site

Site Name: Bakasoftware.net
IP Address: 216.240.138.206

Stay away from these sites.
0-= See Screenshots @ Bharath's Security Blog

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [May 15]
PostPosted: Thu May 22, 2008 8:19 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Advanced XP Fixer
Quote:
Advanced XP Fixer is yet another Rogue from Bakasoftware (Bakasoftware.com) aka Pandora-Software. The application is a clone of WinIFixer application.

Site Name: Advancedxpfixer.com
IP Address: 216.240.139.169
0-= Screenshots @ Bharath's Security Blog

=======================================================

SpyGuarder
Quote:
SpyGuarder is a new Rogue security application currently advertised/pushed by Trojan horse.

Site Name: SpyGuarder.com
IP Address: 208.85.178.132

SpyGuarder uses Software-payment.com site for payment processing. Beware that this site is also used by many other rogue security applications for payment processing.
0-= Screenshots @ Bharath's Securty Blog

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [May 25]
PostPosted: Mon May 26, 2008 9:55 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Recent Rogue Applications advertised by MediaTubeCodec Trojans
Monday May 26, 2008


Quote:
Here is a list of new rogue Security applications that was advertised by MediaTubeCodec Trojans on infected systems.

Site Name: Antispywareexpert.com
IP Address: 92.62.100.64

Site Name: Antimalwareguard.com
Site Name: Antispywareexpertpro.com
IP Address: 195.5.117.248

The above mentioned sites distribute similar rogue security application. These applications are from AntiSpywareSolutionPro Inc. group (aka Winfixer).

Site Name: Pcprivacycleaner.com
IP Address: 92.62.100.64

Pcprivacycleaner is bogus/rogue privacy protection application by MediaTubeCodec Trojans.

Antivirus-2008-pro is a new rogue security application. Its an clone of Kvmsecure rogue application.
0-= More @ Bhrath's Security Blog

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [May 25]
PostPosted: Fri May 30, 2008 10:21 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Quote:
MalwarePatrolPro is a new rogue security application from WinIFixer family of Rogue security applications. As usual this rogue is pushed by Fake codecs.

Site Name: Malwarepatrolpro.com
IP address: 216.240.139.169
0-= Screenshots @ Bharath's Security Blog

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [May 30]
PostPosted: Fri May 30, 2008 10:40 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Another rogue: PCPrivacy Cleaner @ Malwarebytes Blog

MBAM targets this infection

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [May 30]
PostPosted: Tue Jul 01, 2008 4:43 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15990
Location: PHX, AZ
Malwarebytes Anti-Malware Version 175 (7/1/08)

[Added]
AdvancedAntivirus, Antivirus2008, MalwarePatrolPro, MalwareProtector2008, SpyGuarder, System Antivirus, Ultimate Antivirus, Windows Antivirus, XPSecurityCenter

[Updated]
WinSpywareProtect

[Removed]
No applications were delisted.

[Notes]
No further comments.

_________________
Image



IP:
top
Top
 Profile Send private message  
 
 Post subject: Re: Rogue Anti-Spyware List Update [July 1]
PostPosted: Wed Jul 02, 2008 7:29 pm 
Offline
Moderators
Moderators
User avatar

Joined: Tue Jul 01, 2008 11:11 am
Posts: 203
Location: USA
Thanks for the info TeMerc. :)

-eXaByTe

_________________
secur3d TIC Moderator



IP:
top
Top
 Profile Send private message  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 51 posts ]  Go to page Previous  1, 2

All times are UTC - 7 hours


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  

Who is online

Who is online In total there are 0 users online :: 0 registered, 0 hidden and 0 guests (based on users active over the past 5 minutes)
Most users ever online was 282 on Tue Sep 25, 2012 11:30 am

Users browsing this forum: No registered users and 0 guests

New posts    No new posts    Forum locked
cron
Powered by phpBB