[Donna]

antivirus-xp-2008.net
2008antivirusxp.com





Another domain that offer rogue software, AdwareAlert is adware-download.com



The above is a report by Malware Database blog: http://malwaredatabase.net/blog/index.php/...not-equal-safe/ after searching using Google with the keyword "CNN Top 10 XP Antivirus"

Add them to your block list, hosts file or restricted sites.

Whois.. (whoare?)

Domain Name: antivirus-xp-2008.net
Registered at http://www.dynadot.com

Registrant:
Maks Maksimov
Benwell Road, 15-19 Flat 2
London, London N7 7BL
United Kingdom

Administrative Contact:
Maks Maksimov
Benwell Road, 15-19 Flat 2
London, London N7 7BL
United Kingdom
polikarpich@gmail.com
+44 7977484073

Technical Contact:
Maks Maksimov
Benwell Road, 15-19 Flat 2
London, London N7 7BL
United Kingdom
polikarpich@gmail.com
+44 7977484073

Record expires on 2009/08/03 UTC
Record created on 2008/08/03 UTC

Domain servers in listed order:
ns1.dynadot.com
ns2.dynadot.com

Referred to: whois.PublicDomainRegistry.com
By: whois.internic.net

Registration Service Provided By: VIVIDS MEDIA GMBH
Contact: +49.3094413291

Domain Name: 2008ANTIVIRUSXP.COM

Registrant:
PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

Creation Date: 05-Aug-2008
Expiration Date: 05-Aug-2009

Domain servers in listed order:
ns2.pleohost.ru
ns1.pleohost.ru


Administrative Contact:
PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

Technical Contact:
PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

Billing Contact:
PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 97
Note - All Postal Mails Rejected, visit Privacyprotect.org
Moergestel
null,5066 ZH
NL
Tel. +45.36946676

Status:ACTIVE

Registrant:
RegisterFly.com - Ref-A# 36971273
4th Floor
Boonton, New Jersey 07005
United States

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: ADWARE-DOWNLOAD.COM
Created on: 05-Jun-06
Expires on: 05-Jun-10
Last Updated on: 05-Jun-08

Administrative Contact:
- ProtectFly.com, Whois Protection Service info@digitalstudios.com.au
404 Main Street
4th Floor
Boonton, New Jersey 07005
United States
+1.9737362545 Fax -- +1.9737361355

Technical Contact:
- ProtectFly.com, Whois Protection Service anthony@digitalstudios.com.au
404 Main Street
4th Floor
Boonton, New Jersey 07005
United States
+1.9737362545 Fax -- +1.9737361355

Domain servers in listed order:
NS163.WEBSITEWELCOME.COM
NS164.WEBSITEWELCOME.COM

[Donna]

Another one: xp-2008.com

Domain Name: xp-2008.com
Registered at http://www.dynadot.com

Registrant:
Maks Maksimov
Benwell Road, 15-19 Flat 2
London, London N7 7BL
United Kingdom

Administrative Contact:
Maks Maksimov
Benwell Road, 15-19 Flat 2
London, London N7 7BL
United Kingdom
polikarpich@gmail.com
+44 7977484073

Technical Contact:
Maks Maksimov
Benwell Road, 15-19 Flat 2
London, London N7 7BL
United Kingdom
polikarpich@gmail.com
+44 7977484073

Record expires on 2009/08/03 UTC
Record created on 2008/08/03 UTC

Domain servers in listed order:
ns1.dynadot.com
ns2.dynadot.com

[Donna]

And more!

Website preview of below bad domains:


There's 1.25MB of PDF file without other pictures. If you have Noscript in FF, you will not see the photo album:


Better don't go since it's rogue domain



2008-antivirus-free.com
2008-antivirus-free.net
2008-antivirus-software.com
2008-antivirus-software.net
2008-antivirus.net
2008-free-antivirus.com
2008-free-antivirus.net
2008-software-antivirus.com
2008-software-antivirus.net
2008-xp-antivirus.com
2008antivirusfree.com
2008antivirusfree.net
2008antivirussoftware.com
2008antivirussoftware.net
2008antivirusxp.net
2008freeantivirus.com
2008freeantivirus.net
2008softwareantivirus.com
2008softwareantivirus.net
2008xpantivirus.com
2008xpantivirus.net
antivirus-2008-free.com
antivirus-2008-free.net
antivirus-2008-software.com
antivirus-2008-software.net
antivirus-free-2008.com
antivirus-free-2008.net
antivirus-software-2008.com
antivirus-software-2008.net
antivirus2008free.com
antivirus2008free.net
antivirus2008software.com
antivirus2008software.net
antivirus2008xp.net
antivirus2009-software.com
antivirusfree2008.com
antivirusfree2008.net
antivirusgl.com
antivirusprotection.us
free-2008-antivirus.com
free-2008-antivirus.net
free-antivirus-2008.com
free-antivirus-2008.net
free2008antivirus.com
free2008antivirus.net
freeantivirus2008.net
nowantivirus.com
software-2008-antivirus.com
software-2008-antivirus.net
software-antivirus-2008.com
software-antivirus-2008.net
software2008antivirus.com
software2008antivirus.net
softwareantivirus.net
softwareantivirus2008.com
softwareantivirus2008.net
testyourantivirus.com
xp2008antivirus.net

[Donna]

Another one as per one of the comment in my blog:

Quote

5.yxazomm.com/2r

but I visited that page and see nothing (yet)

[TeMerc]

Out of all those very few actually loaded for me. Most all had a simple couple of lines:

Quote

This IP is being shared among many domains.
To view the domain you are looking for, simply enter the domain name in the location bar of your web browser.

I was able to get one download out of about 4 that actually loaded content, and of course it was a malicious file.

There is no doubt that once these go 'live' all content will be malware.

Inexperienced users need to stay away from those sites. Even the ones that look innocent.

[Donna]

Another one:
antivirusxp-08.net

[Donna]

More rogue domain of above fake software as per MD

antivirus0003.com
antivirus0004.com
antivirus0005.com
antivirus0006.com
antivirus0007.com
antivirus0015.com
antivirus2009online.com
antivirusxp-pro.com
antivirusxp2009.com
pwrantivirus.com
theantivirusscan.com
wista-antivirus2009.com
xpertantivirus.com

Add the above in your blocklist, hosts file or restricted sites (if not listed yet)





Domain Name: ANTIVIRUS0003.COM
Reseller..............: Australian Websites
Created on............: 15 Aug 2008 02:14:23 EST
Expires on............: 15 Aug 2009 02:14:23 EST
Record last updated on: 15 Aug 2008 02:14:23 EST
Status................: ACTIVE

Owner, Administrative Contact, Technical Contact, Billing Contact:
Kyle BOXELL (ID00377853)
2a BENNERLEY ROAD
LONDON, LONDON SW11 6DS
United Kingdom (UK)
Phone: +44.7940441907
Email: garrettp73@yahoo.com

Domain servers in listed order:

NS1.DOMAIN.COM
NS2.DOMAIN.COM
NS3.DOMAIN.COM

[Donna]

More as per MD blog:

antivirusq.net
antivirus2008b.net
antivirus2008m.net
antivirus2008n.net
antivirus2008v.net
antivirus777.com
antivirusq.net
antivirusr.net
antivirust.net
antivirusw.net
antivirusu.net
expressantivirus2009.com
main-scanner.com
antivirusfreescan2009.com
antivirus-2008-noadware.com
antivirusonline-2009.com
antispydeluxe2009.com
antivirus-noadware-2008.com
antivirus-2008.org
antivirus2009online.com
antivirusxp2009.com
wista-antivirus2009.com
powerantivirus-2009.com
antivir2008.us
antivirus-2009-pro.com
antivirus2009free.com
xp-2008-antivirus.com
xp-2008-antivirus.net
2antivirus2008.com
3antivirus2008.com
5antivirus2008.com
6antivirus2008.com
8antivirus2008.com
antivirussolution2008.com
antispyware2008sales.com
antivir2009.com
antivirus-best-2008.com
antivirusxp-2008.net
antivirus-download-2008.net
antivirusxp2008.org
norton-antivirus-2007.com
powerantivirus2009.com
2008-antivirus-free.com
2008-antivirus-free.net
2008-antivirus-software.com
2008-antivirus-software.net
2008-antivirus.net
2008-free-antivirus.com
2008-free-antivirus.net
2008-software-antivirus.com
2008-software-antivirus.net
2008-xp-antivirus.com
2008antivirusfree.com
2008antivirusfree.net
2008antivirussoftware.com
2008antivirussoftware.net
2008antivirusxp.net
2008freeantivirus.com
2008freeantivirus.net
2008softwareantivirus.com
2008softwareantivirus.net
2008xpantivirus.com
2008xpantivirus.net
antivirus-2008-free.com
antivirus-2008-free.net
antivirus-2008-software.com
antivirus-2008-software.net
antivirus-free-2008.com
antivirus-free-2008.net
antivirus-software-2008.com
antivirus-software-2008.net
antivirus2008free.com
antivirus2008free.net
antivirus2008software.com
antivirus2008software.net
antivirus2008xp.net
antivirus2009-software.com
antivirusfree2008.com
antivirusfree2008.net
free-2008-antivirus.com
free-2008-antivirus.net
free-antivirus-2008.com
free-antivirus-2008.net
free2008antivirus.com
free2008antivirus.net
freeantivirus2008.net
software-2008-antivirus.com
software-2008-antivirus.net
software-antivirus-2008.com
software-antivirus-2008.net
software2008antivirus.com
software2008antivirus.net
softwareantivirus2008.com
softwareantivirus2008.net
xp2008antivirus.net
2008antivirusxp.com
2008antivirus.net
antivirus-2008-xp.com
antivirus-xp-2008.net
antivirussoftware2008.net
antivirussofware2008.com
antivirusxp2008.net
xp-2008-antivirus.com
xp-antivirus-2008.com
xp2008antivirus.com
xpantivirus2008.net
antitrojan-2008.com
antivirus-pro-2008.com
antivirus-protection2008.com
windows-antispyware-2008.com
antivirus2009-freeverscan.com
freeantivirus2009.com
norton2009antivirus.com
nortons2009antivirus.com
nortonsantivirus2009.com
antispyware2008scanner.com
antivirus-2009pro.com
myantivirusprotection2009.com
power-antivirus-2009.com

antivirusq.net
antivirus2008b.net
antivirus2008m.net
antivirus2008n.net
antivirus2008v.net
antivirus777.com
antivirusq.net
antivirusr.net
antivirust.net
antivirusw.net
antivirusu.net
expressantivirus2009.com

http://malwaredatabase.net/blog/index.php/...22/dotm-update/

main-scanner.com
http://malwaredatabase.net/blog/index.php/...antivirus-2009/

WinSpywareProtect:

antivirus777.com
antivir-online-scan.com
http://malwaredatabase.net/blog/index.php/...ntivirusv10exe/