Antivirus 2008 fake antivirus software
August 15, 2008 | Malware, Rogues
Antivirus 2008 is a fake antivirus software. Stay away from following domains and IPs of Antivirus 2008.
Host: fullscanner.com
IP: 66.232.126.192
Whois of IP 66.232.126.192 distributing fake antispyware Antivirus 2008 :
OrgName: NOC4Hosts Inc.
OrgID: NOC4H
Address: 400 N Tampa St
Address: #1025
City: Tampa
StateProv: FL
PostalCode: 33602
Country: USRAbuseHandle: NAA7-ARIN
RAbuseName: Noc4Hosts Abuse Admin
RAbusePhone: +1-877-801-1443
RAbuseEmail: abuse@noc4hosts.com
| File antivirus_1_.v.1.0.exe received on 08.15.2008 13:05:52 (CET) | |||
| Antivirus | Version | Last Update | Result |
| AhnLab-V3 | 2008.8.15.0 | 2008.08.14 | - |
| AntiVir | 7.8.1.19 | 2008.08.15 | - |
| Authentium | 5.1.0.4 | 2008.08.15 | - |
| Avast | 4.8.1195.0 | 2008.08.14 | - |
| AVG | 8.0.0.161 | 2008.08.15 | - |
| BitDefender | 7.2 | 2008.08.15 | - |
| CAT-QuickHeal | 9.50 | 2008.08.14 | - |
| ClamAV | 0.93.1 | 2008.08.15 | - |
| DrWeb | 4.44.0.09170 | 2008.08.15 | Trojan.DownLoad.3545 |
| eSafe | 7.0.17.0 | 2008.08.14 | - |
| eTrust-Vet | 31.6.6034 | 2008.08.15 | - |
| Ewido | 4.0 | 2008.08.15 | - |
| F-Prot | 4.4.4.56 | 2008.08.15 | - |
| F-Secure | 7.60.13501.0 | 2008.08.15 | - |
| Fortinet | 3.14.0.0 | 2008.08.15 | - |
| GData | 2.0.7306.1023 | 2008.08.15 | - |
| Ikarus | T3.1.1.34.0 | 2008.08.15 | - |
| K7AntiVirus | 7.10.415 | 2008.08.14 | - |
| Kaspersky | 7.0.0.125 | 2008.08.15 | - |
| McAfee | 5361 | 2008.08.14 | - |
| Microsoft | 1.3807 | 2008.08.15 | - |
| NOD32v2 | 3358 | 2008.08.15 | - |
| Norman | 5.80.02 | 2008.08.14 | - |
| Panda | 9.0.0.4 | 2008.08.15 | - |
| PCTools | 4.4.2.0 | 2008.08.14 | - |
| Prevx1 | V2 | 2008.08.15 | Suspicious |
| Rising | 20.57.42.00 | 2008.08.15 | - |
| Sophos | 4.32.0 | 2008.08.15 | - |
| Sunbelt | 3.1.1546.1 | 2008.08.15 | - |
| Symantec | 10 | 2008.08.15 | - |
| TheHacker | 6.3.0.3.046 | 2008.08.13 | - |
| TrendMicro | 8.700.0.1004 | 2008.08.15 | Possible_DLDER |
| VBA32 | 3.12.8.3 | 2008.08.14 | - |
| ViRobot | 2008.8.14.1337 | 2008.08.14 | - |
| VirusBuster | 4.5.11.0 | 2008.08.14 | - |
| Webwasher-Gateway | 6.6.2 | 2008.08.15 | - |
| Additional information | |||
| File size: 87044 bytes | |||
| MD5…: 26491d41d576f70d699b8346bd8281f9 | |||
| SHA1..: 29af79b3c4806cfa5272fe355c9f91eab550615e | |||
| SHA256: 0e00648b0c65bc2b98192ee4860e8e0fba9e7f99781e7f1f7ede65e55e5096a4 | |||
| SHA512: f164e7864f43945609826e92ea009afd7a08d8db30f4c515368d58637ff5e08e 6ac610f8d5eac4418d305ba3cc3370a4b29e367fbe13b01270c6a4171c9c3b33 |
|||
| PEiD..: Armadillo v1.71 | |||
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=22A0ACFD040AF20B547801AE21E81100EC6E6964 | |||
| File AntvrsInstall.exe received on 08.15.2008 13:09:24 (CET) | |||
| Antivirus | Version | Last Update | Result |
| AhnLab-V3 | 2008.8.15.0 | 2008.08.14 | - |
| AntiVir | 7.8.1.19 | 2008.08.15 | - |
| Authentium | 5.1.0.4 | 2008.08.15 | - |
| Avast | 4.8.1195.0 | 2008.08.14 | - |
| AVG | 8.0.0.161 | 2008.08.15 | - |
| BitDefender | 7.2 | 2008.08.15 | MemScan:Adware.Winantivirus.Y |
| CAT-QuickHeal | 9.50 | 2008.08.14 | (Suspicious) - DNAScan |
| ClamAV | 0.93.1 | 2008.08.15 | - |
| DrWeb | 4.44.0.09170 | 2008.08.15 | - |
| eSafe | 7.0.17.0 | 2008.08.14 | - |
| eTrust-Vet | 31.6.6034 | 2008.08.15 | - |
| Ewido | 4.0 | 2008.08.15 | - |
| F-Prot | 4.4.4.56 | 2008.08.15 | - |
| F-Secure | 7.60.13501.0 | 2008.08.15 | - |
| Fortinet | 3.14.0.0 | 2008.08.15 | - |
| GData | 2.0.7306.1023 | 2008.08.15 | - |
| Ikarus | T3.1.1.34.0 | 2008.08.15 | - |
| K7AntiVirus | 7.10.415 | 2008.08.14 | - |
| Kaspersky | 7.0.0.125 | 2008.08.15 | - |
| McAfee | 5361 | 2008.08.14 | - |
| Microsoft | 1.3807 | 2008.08.15 | - |
| NOD32v2 | 3358 | 2008.08.15 | - |
| Norman | 5.80.02 | 2008.08.14 | - |
| Panda | 9.0.0.4 | 2008.08.15 | - |
| PCTools | 4.4.2.0 | 2008.08.14 | - |
| Prevx1 | V2 | 2008.08.15 | Fraudulent Security Program |
| Rising | 20.57.42.00 | 2008.08.15 | - |
| Sophos | 4.32.0 | 2008.08.15 | - |
| Sunbelt | 3.1.1546.1 | 2008.08.15 | - |
| Symantec | 10 | 2008.08.15 | - |
| TheHacker | 6.3.0.3.046 | 2008.08.13 | - |
| TrendMicro | 8.700.0.1004 | 2008.08.15 | - |
| VBA32 | 3.12.8.3 | 2008.08.14 | - |
| ViRobot | 2008.8.14.1337 | 2008.08.14 | - |
| VirusBuster | 4.5.11.0 | 2008.08.14 | - |
| Webwasher-Gateway | 6.6.2 | 2008.08.15 | - |
| Additional information | |||
| File size: 106496 bytes | |||
| MD5…: dd8eaa74ca6686b71c7852a775971d2c | |||
| SHA1..: 7b6cdab7dbc1f7db085a954b894a07f04c9f5f4a | |||
| SHA256: cbd654e6af9f8ac4dbdc92144115250c0fabcaec9bafdb90617ab30c2fbb6da7 | |||
| SHA512: 2cbfae09719c47a6c44b2fe50fdf8c2bad4378fe45ed598af2b941ed57a256dc f8460b64ee0aa8a6005aa152065f281c8273392b500f38b0a80236b56d8da4e4 |
|||
| PEiD..: - | |||
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=dd8eaa74ca6686b71c7852a775971d2c | |||
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=33A92B9800F7683CA0D5013972894C00D5432BFE | |||
Host: download-base.com
IP: 66.232.126.193
Whois of IP 66.232.126.193 distributing fake antispyware Antivirus 2008:
OrgName: NOC4Hosts Inc.
OrgID: NOC4H
Address: 400 N Tampa St
Address: #1025
City: Tampa
StateProv: FL
PostalCode: 33602
Country: USRAbuseHandle: NAA7-ARIN
RAbuseName: Noc4Hosts Abuse Admin
RAbusePhone: +1-877-801-1443
RAbuseEmail: abuse@noc4hosts.com
Host: softupdat.com
IP: 74.50.117.84
Whois:
OrgName: NOC4Hosts Inc.
OrgID: NOC4H
Address: 400 N Tampa St
Address: #1025
City: Tampa
StateProv: FL
PostalCode: 33602
Country: USRAbuseHandle: NAA7-ARIN
RAbuseName: Noc4Hosts Abuse Admin
RAbusePhone: +1-877-801-1443
RAbuseEmail: abuse@noc4hosts.com
Other sites:
1. 1st-tube.com
2. Best-cracks.com
3. Codechost.com
4. Codecupgrade.com
5. Crack-all.com
6. Crack-expert.com
7. Crack-land.com
8. Freemoviesdb.net
9. Just-tube.com
10. Karachun.net
11. Megasoftportal.net
12. Muzdownload.com
13. Porntubev20.com
14. Pro-scanner.com
15. Scanner-pro.com
16. Scanner-tool.com
17. Showconz.com
18. Softupdat.com
19. Stopbadware2008.com
20. Surf-scanner.com
21. Unlimdownloads.com
22. Updatehost.com
23. Winantivirus2008.org
24. Celebs-on-video.com
Host: top-pc-scanner.com
IP: 91.203.92.49
Whois:
organisation: ORG-TG39-RIPE
org-name: UATELECOM LLC
org-type: OTHER
address: Ukraine
address: Voznesensk
address: Lenina 52
phone: +380963801321
phone: +380963801326
fax-no: +380963801326
abuse-mailbox: abuse@uatelecom.com.ua
Host: beststatistic.com
IP: 216.255.186.82
Whois:
OrgName: InterCage, Inc.
OrgID: INTER-359
Address: 810 Oak Grove Road #86
City: Concord
StateProv: CA
PostalCode: 94518
Country: US
OrgAbuseHandle: ABUSE735-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-925-550-3947
OrgAbuseEmail: abuse@intercage.com
Other sites on this IP:
1. Beststatistic.com
2. Rareporn.net
Host: secure.billingware.net
IP: 84.243.253.220
Whois of IP 84.243.253.220 of domain secure.billingware.net selling pseudo antivirus Antivirus 2008 :
netname: GFX-CUST-WORLDSTREAM
descr: WorldStream ip-block 3
org: ORG-WS14-RIPE
country: NL
admin-c: GFX-RIPE
tech-c: GFX-RIPE
status: ASSIGNED PA
mnt-by: GFX-MNT
source: RIPE # Filteredorganisation: ORG-WS14-RIPE
org-name: WorldStream2
org-type: OTHER
address: Dijkweg 127c
address: 2675 AC Honselersdijk
address: The Netherlands
phone: +31 70 755 1131
abuse-mailbox: abuse@worldstream.nl
mnt-ref: GFX-MNT
mnt-by: GFX-MNT
source: RIPE # Filteredrole: GrafiX NOC
org: ORG-GIB1-RIPE
address: GrafiX Internet B.V.
address: Stationsplein 20
address: 2907 MJ Capelle aan den IJssel
phone: +31 10 2640210
fax-no: +31 10 2640211
abuse-mailbox: abuse@grafix.nl
Other sites on IP 84.243.253.220 of domain secure.billingware.net selling fake antivirus Antivirus 2008:
1. Anonymbrowser.com
2. Best-payments.net
3. Bestpaymentsolution.net
4. Billingbit.com
5. Billingbridge.com
6. Billinghlp.com
7. Billingware.net
8. Blablahost.com
9. Direct-billing.com
10. Errordigger.com
11. Errorinspector.com
12. Internetsupernanny.com
13. Passwordinspector.com
14. Pctotaldefender.com
15. Sellmosoft.net
16. Softwarepayments.net
17. Statsgod.com
18. Winbugfixer.com
One Response to “Antivirus 2008 fake antivirus software”
someone said on Aug 19, 2008:
MESSAGE to the one who created the spyware ,the programs VirusRemover2008 ,,Internet Antivirus,XP-Guard, Power Antivirus 2009 etc.the fake companies Enigma Software Group inc, City Loan inc. ,eSafeBill,GeoTrust etc. and other websites like SuperAntiSpyware.com,Malwarebytes.org,2-spyware.com,xp-vista.com etc.:
Your spyware infected to many computers(mine was infected 6 times by it) and to many people got ripped-of by you.
By the end of this month (august 2008) I will make a website dedicated to inform people about your “business”.
I will post in every major forum , smaller forums , other websites and I will make a video and post it on youTube ,metacafe and others.
The website will also contain a list of people who were ripped-of by you.When the list will be long enough we will contact the police,and they will track you down.
P.S. I’m serious about this and I will invest time and money and I want to see you in jail.
If you want to contact me for some reason here is my e-mail address: amentis100@gmail.com, if you want to hack into my computer and have revenge here is my IP address : 192.168.27.223 ,subnet mask 225.225.225.224 ,hardware adress 00:01:09:C1:12:DC (oh..and I have Linux now and dynamic IP,this will be challenging for you,from what I”ve saw you must be a very clever)