A list of Malicious sites
Zlob Trojan Distributing site:
Site Name: Releasedvideo.com
IP Address: 77.91.231.201
Site Name: Videoexternal.com
IP Address: 85.255.120.110
Zlob Component sites:
Site Name: Ihatemondayand.com
IP Address: 85.255.117.204
www.Ihatemondayand. com/get.php?partner= -> downloads Antispycheck Rogue security application
WinSpywareProtect rogue distributing sites:
Scare/Fake scanner page:
Site Name: Scan.Wsp2008scanner.com
IP Address: 85.255.119.146
The installer is downloaded from the following site:
Site Name: Dwl.getwsp.com
IP Address: 85.255.118.66
SpyShedder rogue distributing site
Site Name: Shredder-scan.com
IP Address: 91.208.0.243
WinXDefender rogue distributing site
Site Name: Win-x-defenders.com
IP Address: 91.208.0.243
The site Win-x-defender.com also shares the same IP Address.
Win Antivir 2008
Win Antivir 2008 is the latest rogue security application from SpywareNo/SpySheriff family. Its a near clone of WinXSecurityCenter rogue security application.
Site Name: Win-antivir-2008.com
IP Address: 91.208.0.234
Screenshot of Win Antivir 2008 site
Screenshot of Scare/Fake scanner page used by Win Antivir 2008
Screenshot of Win Antivir 2008 application
Win Antivirus 2008
Win Antivirus 2008 is a near clone of Win Antivir 2008 rogue security application.
Site Name: Win-antivirus-2008.com
IP Address: 91.208.0.253
Screenshot of Win Antivirus 2008 application
WinDefender 2008
WinDefender 2008 is a rogue security application.
Site Name: Win-defender.com
IP Address: 207.226.179.162
Screenshot of Scare/Fake scanner page used by WinDefender 2008
Screenshot of WinDefender 2008 application
Following are the sites involved in this scam
Site Name:
Trafficrotator.netIP Address: 207.226.179.165
Reference:
Trafficrotator. net/MTAwNg== which further redirects to one of the following Scare/Fake scanner sites
Site Name:
Internetscannerlive.comSite Name:
Netscannerlive.comSite Name:
Webscanneronline.comIP Address: 207.226.179.163
The following sites are also involved in distributing
WinDefender 2008 rogue security application
Site Name:
Dns-problem.comIP Address: 207.226.179.147
Dns-problem. com site is a fake DNS error page which redirects to
WinDefender 2008 registration page. Heads up to
Malekal for posting it
Site Name:
Registerwindefender.comIP Address: 207.226.179.148
Stay away from all these sites.
Bharath M N