MalwareCrush.com

MalwareCrush.com

MalwareCrush is a Rogue Security application. From the SSH Family (As termed by Webhelper). Well a bit late on writing about this Rogue security application :-)

Does this icon look familiar, Bingo!!! yes this is the same old icon used by the predecessor of MalwareCrush. The application is a clone of VirusBurst, SpywareQuake, SpyAxe, and so on.

Screenshot of MalwareCrush Website:

Fake Scan Page

Fake Scan Page

Screenshot of MalwareCrush Application

Site name: malwarecrush.com
IP Address: 207.226.175.54
Name Servers:
ns2.malwarecrush.com
ns1.malwarecrush.com
Registrant: Hidden behind PrivacyProtect.org

I scanned the setup file from MalwareCrush.com

VirusTotal Scan Result: 1/32 (3.13%)
Kaspersky - -not-a-virus:FraudTool.Win32.MalwareCrush.a

I also scanned the Installer file from Scan.MawareCrush.com (fake scan page)

VirusTotal Scan Result: 14/32 (43.75%)

AntiVir - - DR/FakeAlert.PG.4
AVG - - SHeur.AKJJ
BitDefender - - Dropped:Trojan.FakeAlert.PG
ClamAV - - Trojan.Downloader-19777
Ewido - - Downloader.Agent.eyv
Fortinet - - Misc/Renos
F-Prot - - W32/Downldr2.AUXO
Ikarus - - Trojan.Fakealert.PG
Kaspersky - - Trojan-Downloader.Win32.Agent.hat
Prevx1 - - Heuristic: Suspicious Self Modifying File
Sunbelt - - ContraVirus (v)
Symantec - - ExpertAntiVirus
VBA32 - - Trojan-Downloader.Win32.Agent.gyl
Webwasher-Gateway - - Trojan.Dropper.FakeAlert.PG.4

Stay away from this rogue security application.

Bharath M N