Tuesday, March 30, 2010

Rogue Security Tools





Thursday, March 25, 2010

AVG & Avast Rogue Antivirus










Tuesday, March 23, 2010

Blackhat SEO with BitDefender Trojan.FakeAlert.5, CleanUp Antivirus

BitDefender's false-alarm signature, released last week, caused several Windows files and BitDefender's own files to be flagged as infected with "Trojan.FakeAlert.5". Unfortunately, the bad guys are using this event to spread their malicious code by SEO-ing keywords related to "Trojan.FakeAlert.5". Unsurprisingly, this SEO successfully gained the first link on the first page when a user keys the keyword into Google Search.

Screenshot showing the rogue antivirus.
The installer file (hash: a25c5edccb402b9f9421279b93b6229a) has a low detection rate according to VT.






Users need to pay if they want to clean up the malicious items displayed in the rogue antivirus.


Related malicious links:
hxxp://whatchusay.com/presentation/trojan.fakealert.5.html
hxxp://www1.hir-tosafemypcnow.in/?uid=290&pid=3&ttl=4164d639601
hxxp://www1.nemo-cureforthispc.in/?p=p52dcWptaF%2FCj8bYbnOCdVik12qYVp%2FZatrau4FdlJ%2FJnsWYe3lvWqyopHaVXpqalWZgbWholVPVpJHaotahlFeob1zZytell3FfmqGgnXaHo83LqG1TnaJ1ll6aXmGXXpGamV9oY2iL08ifb5ytqKhuZ2jYpNuUmJ%2Bcm56dkpDRnV7TppLXyJKplZ6kyc92l6JflaWkc6zQotbJlm2VpFiZ0Z2doW26n9LOxJ9leJfQxqSll6atYm1amabRaNHLpZFqWpOl1GjDoW3MU8TR02yYo5%2BiyJRpWJWmpHOVqaWeU8XToWucpW9exZrSa5fZjNXKxJp0WKrYnpRraG1rZm5obW%2BHodeYbmFfamtqlmOWZWaMkMahsIo%3D

Wednesday, March 17, 2010

Rogue Security Tools - RegGenie Registry Cleaner

IP Address: 205.234.141.65

Hostnames: www.privacy-genie.com



IP Address: 205.234.141.66

Hostnames sharing the same IP address:

reggenie.com
www.reggenie.com

Phishing -- MSN, Hotmail, Microsoft, xbox security

IP Address: 65.55.39.12

Hostnames sharing the same IP address:


WoW Phishing

IP Address: 173.224.208.13

Hostnames:
game.worldofwarcraft-llc.com
worldofwarcraft-ll.com

Sunday, March 7, 2010

Spam ** 07-March-10

Spam that flooded my daily inbox.
