Skip to main content

Security Tidbits : XP AntiSpyware 2009, Antivirus 2010 and SSH Scam sites update

New rogue: XP AntiSpyware 2009

Thanks to Patrick Jordan for the Rogue update.

XP AntiSpyware 2009 is a clone ofWinReanimator (opens in new tab)andXPSecurityCenter (opens in new tab)rogues.

This group ofrogue security products are usually pushed throughTrojan-Downloader.braviax (opens in new tab)orTrojan.fakealert (opens in new tab)Trojan.

XP Antispyware 2009

(opens in new tab)

Fake Windows security Center

Windows Security Center

(opens in new tab)

206.161.120.20 Xp-antispyware2009. com

206.161.120.21 Xp-antispyware-2009. com

206.161.120.22 Xpantispyware-2009. com

206.161.120.23 Xpas2009. com

206.161.120.24 Xp-as-2009. com

New rogue: Antivirus 2010

Antivirus 2010 is a new rogue security product. This rogue is a clone evolved from IEdefender that begat XP Antivirus, that begat Antivirus 2008, that then begat Antispyware 2009.

Thanks to Patrick Jordan for the detailed historical information about this rogue family.

Antivirus 2010

(opens in new tab)

217.20.175.74 Av2010. net

AV2010

(opens in new tab)

The rogue application uses the same old tricks to lure users into purchasing their worthless application.

AV2010 scare block

(opens in new tab)

Fake Windows Security Center

Fake WSC AV2010

(opens in new tab)

Fake BSOD

Av1

Av2

(opens in new tab)

SSH Scam sites update

Zlob (opens in new tab)Trojan Distributing site:

91.203.92.11 Movsmedia. com

Scam Internet Security Page:

91.203.92.12 Homepageonweb. com

404ErrorpageScam:

91.203.92.12 Misdnspage. com

Security Guide Scam Page:

91.203.92.12 Websclinks. com

Ad-Server-Gate Pages:

91.203.92.12 Qpwoi. com

91.203.92.12 Ghjfd. com

Protection Center Scam Page:

91.203.92.11 Securefires. com

Scam Security Toolbar site:

91.203.92.11 Safetybargoal. com

IE AntiSpywareStore site:

208.72.168.84 Ietoolsupdate. com

As we always say please stay clear of these sites.

Alex is a technology CEO, with leadership, operating partner, investor, and board member roles at security firms including AutoLoop, Borland, Quarterdeck (now Symantec and Cisco WebEx), GFI/TeamViewer, Sunbelt Software (now ThreatTrack Security), BlueStripe Software, StopBadware, Knowbe4, Malwarebytes, and Runaware Holding AB. When CEO of Sunbelt he ran a security blog, and he still writes on security.