Author Topic: German Rogue Antivirus  (Read 4696 times)

0 Members and 1 Guest are viewing this topic.

August 28, 2009, 11:57:31 am
Read 4696 times

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Code: [Select]
hxxp://trojaner-doktor-2009.com/index-trojaner.html
hxxp://download.antivirusdoktor.com/antivirusdoktor_v08.exe

http://www.virustotal.com/analisis/5919d3e331200383842c3e81c623a724836f0dc0e40292286c0d6b95125e699e-1251459812 15/41


Code: [Select]
hxxp://download.antivirusdoktor2009.info/antivirus-doktor-v04de.exehttp://www.virustotal.com/de/analisis/ffc07a8b9bd72600ef9b6c0acdd1c3e0b2ac015d8fc0f63080f0004f5ba84c9e-1251460216 2/41

Ruining the bad guy's day

August 28, 2009, 12:40:25 pm
Reply #1

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Code: [Select]
hxxp://download.antivirusdoktor2009.info/
 hxxp://download.antivirusdoktor2009.info/registrydoktor_v08.exe
 hxxp://download.antivirusdoktor2009.info/registry-doktor-v03fr.exe
 hxxp://download.antivirusdoktor2009.info/registry-doktor-v03de.exe
 hxxp://download.antivirusdoktor2009.info/regisrty-doktor-v06.exe
 hxxp://download.antivirusdoktor2009.info/antivirusdoktor_v08.exe
 hxxp://download.antivirusdoktor2009.info/antivirusdoktor_v06.exe
 hxxp://download.antivirusdoktor2009.info/antivirus-doktor-v04fr.exe
 hxxp://download.antivirusdoktor2009.info/antivirus-doktor-v04de.exe
 
hxxp://download.antivirusdoktor2009.info/1.1%20-%20registry-doktor-v04fr.exe
 
hxxp://download.antivirusdoktor2009.info/1.1%20-%20registry-doktor-v04de.exe
 
hxxp://download.antivirusdoktor2009.info/1.1%20-%20antivirus-doktor-v04de.exe


Statistics:
http://download.antivirusdoktor2009.info/astats/

Thanks, Martin !!!
Ruining the bad guy's day

August 28, 2009, 12:46:00 pm
Reply #2

RS-232

  • Special Access
  • Sr. Member

  • Offline
  • *

  • 165
Excellent work...couple of mirrors /open dirs:
Quote
hxxp://doktor.fileburst.com/
hxxp://download.registrydoktor2009.net/
hxxp://download.registry-cleaner-doktor.com/
Only for the "fun" of it...rs-232 aka sowhat-x aka younameit ;-)
http://www.youtube.com/watch?v=fADjY97_KTw

August 28, 2009, 01:43:41 pm
Reply #3

kurzpc

  • Newbie

  • Offline
  • *

  • 8
Here are some websites that also belong Rogue AV.

Code: [Select]
http://97.74.181.55/rd/fr/index-top.html
http://97.74.181.55/rd/fr/index-vista.html
http://97.74.181.55/rd/fr/index-ie.html
http://97.74.181.55/rd/fr/index-windows.html
http://97.74.181.55/rd/de/index-ie.html
http://97.74.181.55/rd/de/index-top.html
http://97.74.181.55/rd/fr/index-xp.html
http://97.74.181.55/rd/de/index-xp.html
http://www.antivirusdoktor.com/index.html
http://trojaner-doktor-2009.com/index-trojaner.html

August 28, 2009, 03:18:14 pm
Reply #4

leegraves

  • Newbie

  • Offline
  • *

  • 3
    • eSoft ThreatCenter
At eSoft we found the following domains and IPs associated with this scam on Monday. There may have been more registered since...

72.167.232.198
------
antivirusdoktor.com
antivirus-doktor.com
antivirusdoktor2009.com
antivirusdoktor-2009.com
antivirus-koktor-2009.com
malwaredoktor.com
malware-doktor-2009.com

97.74.144.150
------
registrydoktor.com
registry-doktor.com
registrydoktor2009.com
registry-doktor-2009.com
windowsxp-reparieren.com

97.74.144.146
------
reparer-internet-explorer.com
repare-windows.com
reparation-windows-xp.com
reparer-windows-vista.com

72.167.232.198
-------
trojaner-doktor.com
trojaner-doktor-2009.com

74.204.161.50
-------
download.registrydoktor2009.info
download.antivirusdoktor.com