Week End Updates
Zlob Trojan Distributing site
Site Name: Mpegaddons.com
IP Address: 85.255.118.181
Registrar: ESTDOMAINS, INC.
IP Address: 85.255.118.181
Registrar: ESTDOMAINS, INC.
The installer from the site was scanned and the detections are fairly poor.
Virus total Scan Result: 6/31 (19.36%)
AntiVir 7.6.0.81 2008.04.05 TR/Dldr.Zlob.12800
Authentium 4.93.8 2008.04.05 W32/Downldr2.BMKO
eSafe 7.0.15.0 2008.04.01 suspicious Trojan/Worm
F-Prot 4.4.2.54 2008.04.05 W32/Downldr2.BMKO
Microsoft 1.3408 2008.04.05 TrojanDownloader:Win32/Zlob.AMP
Webwasher-Gateway 6.6.2 2008.04.05 Trojan.Dldr.Zlob.12800
Virus total Scan Result: 6/31 (19.36%)
AntiVir 7.6.0.81 2008.04.05 TR/Dldr.Zlob.12800
Authentium 4.93.8 2008.04.05 W32/Downldr2.BMKO
eSafe 7.0.15.0 2008.04.01 suspicious Trojan/Worm
F-Prot 4.4.2.54 2008.04.05 W32/Downldr2.BMKO
Microsoft 1.3408 2008.04.05 TrojanDownloader:Win32/Zlob.AMP
Webwasher-Gateway 6.6.2 2008.04.05 Trojan.Dldr.Zlob.12800
Update on XP AntiSpyware /XP AntiVirus Scam
The scam group has started two new sites for distributing the rogue security application.
Site Name: XPEnprotect.com
IP Address: 67.228.137.29
Site Name: Onlinexpscanner.com
IP Address: 67.228.137.29
The site XPEnprotect.com redirects the user to Onlinexpscanner.com site which is a new fake/scare scan scam page trying to push push XPAntiVirus Rogue Security application.
[Edited on 13th April]
A new Fake/scare site pushing XPAntiVirus Rogue Security application.
Stay away from these sites.
Bharath M N
Site Name: XPEnprotect.com
IP Address: 67.228.137.29
Site Name: Onlinexpscanner.com
IP Address: 67.228.137.29
The site XPEnprotect.com redirects the user to Onlinexpscanner.com site which is a new fake/scare scan scam page trying to push push XPAntiVirus Rogue Security application.
[Edited on 13th April]
A new Fake/scare site pushing XPAntiVirus Rogue Security application.
Site Name: WindowZScanner.com
IP Address: 58.65.238.122
Registrar: ESTDOMAINS, INC.
IP Address: 58.65.238.122
Registrar: ESTDOMAINS, INC.
Stay away from these sites.
Bharath M N
