Antivirus 2008 fake antivirus software
August 15, 2008 | Malware, Rogues
Antivirus 2008 is a fake antivirus software. Stay away from following domains and IPs of Antivirus 2008.
Host: fullscanner.com
IP: 66.232.126.192
Whois of IP 66.232.126.192 distributing fake antispyware Antivirus 2008 :
OrgName: NOC4Hosts Inc.
OrgID: NOC4H
Address: 400 N Tampa St
Address: #1025
City: Tampa
StateProv: FL
PostalCode: 33602
Country: USRAbuseHandle: NAA7-ARIN
RAbuseName: Noc4Hosts Abuse Admin
RAbusePhone: +1-877-801-1443
RAbuseEmail: abuse@noc4hosts.com
| File antivirus_1_.v.1.0.exe received on 08.15.2008 13:05:52 (CET) | |||
| Antivirus | Version | Last Update | Result |
| AhnLab-V3 | 2008.8.15.0 | 2008.08.14 | - |
| AntiVir | 7.8.1.19 | 2008.08.15 | - |
| Authentium | 5.1.0.4 | 2008.08.15 | - |
| Avast | 4.8.1195.0 | 2008.08.14 | - |
| AVG | 8.0.0.161 | 2008.08.15 | - |
| BitDefender | 7.2 | 2008.08.15 | - |
| CAT-QuickHeal | 9.50 | 2008.08.14 | - |
| ClamAV | 0.93.1 | 2008.08.15 | - |
| DrWeb | 4.44.0.09170 | 2008.08.15 | Trojan.DownLoad.3545 |
| eSafe | 7.0.17.0 | 2008.08.14 | - |
| eTrust-Vet | 31.6.6034 | 2008.08.15 | - |
| Ewido | 4.0 | 2008.08.15 | - |
| F-Prot | 4.4.4.56 | 2008.08.15 | - |
| F-Secure | 7.60.13501.0 | 2008.08.15 | - |
| Fortinet | 3.14.0.0 | 2008.08.15 | - |
| GData | 2.0.7306.1023 | 2008.08.15 | - |
| Ikarus | T3.1.1.34.0 | 2008.08.15 | - |
| K7AntiVirus | 7.10.415 | 2008.08.14 | - |
| Kaspersky | 7.0.0.125 | 2008.08.15 | - |
| McAfee | 5361 | 2008.08.14 | - |
| Microsoft | 1.3807 | 2008.08.15 | - |
| NOD32v2 | 3358 | 2008.08.15 | - |
| Norman | 5.80.02 | 2008.08.14 | - |
| Panda | 9.0.0.4 | 2008.08.15 | - |
| PCTools | 4.4.2.0 | 2008.08.14 | - |
| Prevx1 | V2 | 2008.08.15 | Suspicious |
| Rising | 20.57.42.00 | 2008.08.15 | - |
| Sophos | 4.32.0 | 2008.08.15 | - |
| Sunbelt | 3.1.1546.1 | 2008.08.15 | - |
| Symantec | 10 | 2008.08.15 | - |
| TheHacker | 6.3.0.3.046 | 2008.08.13 | - |
| TrendMicro | 8.700.0.1004 | 2008.08.15 | Possible_DLDER |
| VBA32 | 3.12.8.3 | 2008.08.14 | - |
| ViRobot | 2008.8.14.1337 | 2008.08.14 | - |
| VirusBuster | 4.5.11.0 | 2008.08.14 | - |
| Webwasher-Gateway | 6.6.2 | 2008.08.15 | - |
| Additional information | |||
| File size: 87044 bytes | |||
| MD5…: 26491d41d576f70d699b8346bd8281f9 | |||
| SHA1..: 29af79b3c4806cfa5272fe355c9f91eab550615e | |||
| SHA256: 0e00648b0c65bc2b98192ee4860e8e0fba9e7f99781e7f1f7ede65e55e5096a4 | |||
| SHA512: f164e7864f43945609826e92ea009afd7a08d8db30f4c515368d58637ff5e08e 6ac610f8d5eac4418d305ba3cc3370a4b29e367fbe13b01270c6a4171c9c3b33 |
|||
| PEiD..: Armadillo v1.71 | |||
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=22A0ACFD040AF20B547801AE21E81100EC6E6964 | |||
| File AntvrsInstall.exe received on 08.15.2008 13:09:24 (CET) | |||
| Antivirus | Version | Last Update | Result |
| AhnLab-V3 | 2008.8.15.0 | 2008.08.14 | - |
| AntiVir | 7.8.1.19 | 2008.08.15 | - |
| Authentium | 5.1.0.4 | 2008.08.15 | - |
| Avast | 4.8.1195.0 | 2008.08.14 | - |
| AVG | 8.0.0.161 | 2008.08.15 | - |
| BitDefender | 7.2 | 2008.08.15 | MemScan:Adware.Winantivirus.Y |
| CAT-QuickHeal | 9.50 | 2008.08.14 | (Suspicious) - DNAScan |
| ClamAV | 0.93.1 | 2008.08.15 | - |
| DrWeb | 4.44.0.09170 | 2008.08.15 | - |
| eSafe | 7.0.17.0 | 2008.08.14 | - |
| eTrust-Vet | 31.6.6034 | 2008.08.15 | - |
| Ewido | 4.0 | 2008.08.15 | - |
| F-Prot | 4.4.4.56 | 2008.08.15 | - |
| F-Secure | 7.60.13501.0 | 2008.08.15 | - |
| Fortinet | 3.14.0.0 | 2008.08.15 | - |
| GData | 2.0.7306.1023 | 2008.08.15 | - |
| Ikarus | T3.1.1.34.0 | 2008.08.15 | - |
| K7AntiVirus | 7.10.415 | 2008.08.14 | - |
| Kaspersky | 7.0.0.125 | 2008.08.15 | - |
| McAfee | 5361 | 2008.08.14 | - |
| Microsoft | 1.3807 | 2008.08.15 | - |
| NOD32v2 | 3358 | 2008.08.15 | - |
| Norman | 5.80.02 | 2008.08.14 | - |
| Panda | 9.0.0.4 | 2008.08.15 | - |
| PCTools | 4.4.2.0 | 2008.08.14 | - |
| Prevx1 | V2 | 2008.08.15 | Fraudulent Security Program |
| Rising | 20.57.42.00 | 2008.08.15 | - |
| Sophos | 4.32.0 | 2008.08.15 | - |
| Sunbelt | 3.1.1546.1 | 2008.08.15 | - |
| Symantec | 10 | 2008.08.15 | - |
| TheHacker | 6.3.0.3.046 | 2008.08.13 | - |
| TrendMicro | 8.700.0.1004 | 2008.08.15 | - |
| VBA32 | 3.12.8.3 | 2008.08.14 | - |
| ViRobot | 2008.8.14.1337 | 2008.08.14 | - |
| VirusBuster | 4.5.11.0 | 2008.08.14 | - |
| Webwasher-Gateway | 6.6.2 | 2008.08.15 | - |
| Additional information | |||
| File size: 106496 bytes | |||
| MD5…: dd8eaa74ca6686b71c7852a775971d2c | |||
| SHA1..: 7b6cdab7dbc1f7db085a954b894a07f04c9f5f4a | |||
| SHA256: cbd654e6af9f8ac4dbdc92144115250c0fabcaec9bafdb90617ab30c2fbb6da7 | |||
| SHA512: 2cbfae09719c47a6c44b2fe50fdf8c2bad4378fe45ed598af2b941ed57a256dc f8460b64ee0aa8a6005aa152065f281c8273392b500f38b0a80236b56d8da4e4 |
|||
| PEiD..: - | |||
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=dd8eaa74ca6686b71c7852a775971d2c | |||
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=33A92B9800F7683CA0D5013972894C00D5432BFE | |||
Host: download-base.com
IP: 66.232.126.193
Whois of IP 66.232.126.193 distributing fake antispyware Antivirus 2008:
OrgName: NOC4Hosts Inc.
OrgID: NOC4H
Address: 400 N Tampa St
Address: #1025
City: Tampa
StateProv: FL
PostalCode: 33602
Country: USRAbuseHandle: NAA7-ARIN
RAbuseName: Noc4Hosts Abuse Admin
RAbusePhone: +1-877-801-1443
RAbuseEmail: abuse@noc4hosts.com
Host: softupdat.com
IP: 74.50.117.84
Whois:
OrgName: NOC4Hosts Inc.
OrgID: NOC4H
Address: 400 N Tampa St
Address: #1025
City: Tampa
StateProv: FL
PostalCode: 33602
Country: USRAbuseHandle: NAA7-ARIN
RAbuseName: Noc4Hosts Abuse Admin
RAbusePhone: +1-877-801-1443
RAbuseEmail: abuse@noc4hosts.com
Other sites:
1. 1st-tube.com
2. Best-cracks.com
3. Codechost.com
4. Codecupgrade.com
5. Crack-all.com
6. Crack-expert.com
7. Crack-land.com
8. Freemoviesdb.net
9. Just-tube.com
10. Karachun.net
11. Megasoftportal.net
12. Muzdownload.com
13. Porntubev20.com
14. Pro-scanner.com
15. Scanner-pro.com
16. Scanner-tool.com
17. Showconz.com
18. Softupdat.com
19. Stopbadware2008.com
20. Surf-scanner.com
21. Unlimdownloads.com
22. Updatehost.com
23. Winantivirus2008.org
24. Celebs-on-video.com
Host: top-pc-scanner.com
IP: 91.203.92.49
Whois:
organisation: ORG-TG39-RIPE
org-name: UATELECOM LLC
org-type: OTHER
address: Ukraine
address: Voznesensk
address: Lenina 52
phone: +380963801321
phone: +380963801326
fax-no: +380963801326
abuse-mailbox: abuse@uatelecom.com.ua
Host: beststatistic.com
IP: 216.255.186.82
Whois:
OrgName: InterCage, Inc.
OrgID: INTER-359
Address: 810 Oak Grove Road #86
City: Concord
StateProv: CA
PostalCode: 94518
Country: US
OrgAbuseHandle: ABUSE735-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-925-550-3947
OrgAbuseEmail: abuse@intercage.com
Other sites on this IP:
1. Beststatistic.com
2. Rareporn.net
Host: secure.billingware.net
IP: 84.243.253.220
Whois of IP 84.243.253.220 of domain secure.billingware.net selling pseudo antivirus Antivirus 2008 :
netname: GFX-CUST-WORLDSTREAM
descr: WorldStream ip-block 3
org: ORG-WS14-RIPE
country: NL
admin-c: GFX-RIPE
tech-c: GFX-RIPE
status: ASSIGNED PA
mnt-by: GFX-MNT
source: RIPE # Filteredorganisation: ORG-WS14-RIPE
org-name: WorldStream2
org-type: OTHER
address: Dijkweg 127c
address: 2675 AC Honselersdijk
address: The Netherlands
phone: +31 70 755 1131
abuse-mailbox: abuse@worldstream.nl
mnt-ref: GFX-MNT
mnt-by: GFX-MNT
source: RIPE # Filteredrole: GrafiX NOC
org: ORG-GIB1-RIPE
address: GrafiX Internet B.V.
address: Stationsplein 20
address: 2907 MJ Capelle aan den IJssel
phone: +31 10 2640210
fax-no: +31 10 2640211
abuse-mailbox: abuse@grafix.nl
Other sites on IP 84.243.253.220 of domain secure.billingware.net selling fake antivirus Antivirus 2008:
1. Anonymbrowser.com
2. Best-payments.net
3. Bestpaymentsolution.net
4. Billingbit.com
5. Billingbridge.com
6. Billinghlp.com
7. Billingware.net
8. Blablahost.com
9. Direct-billing.com
10. Errordigger.com
11. Errorinspector.com
12. Internetsupernanny.com
13. Passwordinspector.com
14. Pctotaldefender.com
15. Sellmosoft.net
16. Softwarepayments.net
17. Statsgod.com
18. Winbugfixer.com
Related Posts :
CleanThe.Net Recommends - Kaspersky Antivirus. Remove Virus Now!
One Response to “Antivirus 2008 fake antivirus software”
someone said on Aug 19, 2008:
MESSAGE to the one who created the spyware ,the programs VirusRemover2008 ,,Internet Antivirus,XP-Guard, Power Antivirus 2009 etc.the fake companies Enigma Software Group inc, City Loan inc. ,eSafeBill,GeoTrust etc. and other websites like SuperAntiSpyware.com,Malwarebytes.org,2-spyware.com,xp-vista.com etc.:
Your spyware infected to many computers(mine was infected 6 times by it) and to many people got ripped-of by you.
By the end of this month (august 2008) I will make a website dedicated to inform people about your “business”.
I will post in every major forum , smaller forums , other websites and I will make a video and post it on youTube ,metacafe and others.
The website will also contain a list of people who were ripped-of by you.When the list will be long enough we will contact the police,and they will track you down.
P.S. I’m serious about this and I will invest time and money and I want to see you in jail.
If you want to contact me for some reason here is my e-mail address: amentis100@gmail.com, if you want to hack into my computer and have revenge here is my IP address : 192.168.27.223 ,subnet mask 225.225.225.224 ,hardware adress 00:01:09:C1:12:DC (oh..and I have Linux now and dynamic IP,this will be challenging for you,from what I”ve saw you must be a very clever)