Computer Tips -Tech Info

To follow up the last post about watching google hot trends….

I noticed an unusual search in the trends for rootscan.info. It currently seems to redirect to a site talking about rogue antivirus removal so it might not be anything, but the related searches for virus doctor, virus doctor removal, windows pc defender removal make me wonder if we’ve got another wave of rogue applications. Everything I see referenced is older though with the possible exception of Windows PC Defender.

I found this listing of domains that should be blocked related to Windows PC Defender:

74.125.45.100 4-open-davinci.com
74.125.45.100 securitysoftwarepayments.com
74.125.45.100 privatesecuredpayments.com
74.125.45.100 secure.privatesecuredpayments.com
74.125.45.100 getantivirusplusnow.com
74.125.45.100 secure-plus-payments.com
74.125.45.100 www.getantivirusplusnow.com
74.125.45.100 www.secure-plus-payments.com
74.125.45.100 www.getavplusnow.com
74.125.45.100 www.securesoftwarebill.com
74.125.45.100 secure.paysecuresystem.com
74.125.45.100 paysoftbillsolution.com

–Update–

Now I’ve had a chance to take a look at the site further that rootscan.info is redirecting to. It’s cgidoctor.com

I see reports over at McAfee’s siteadvisor that some users are claiming there is spyware/adware being pushed from that site. I’m visiting it via firefox/linux and am not seeing anything overtly suspicious. It looks as though the download that is in each of the posts is for an installer for spyware doctor. (PCTools Spyware Doctor is a legitimate piece of software assuming that they are one and the same. (It’s Starter Edition is included in the Google Pack.) Mcafee’s scan of cgidoctor.com claims that it’s clear however many users have complaints about the site hosting dubious rogue downloads. There is also a site that has covered the rogue software groups does list cgidoctor.com as a blackhat SEO farm site for pushing software to remove the infections. By the way this site ddanchev.blogspot.com has some good info on the scareware groups and some of the domains that are being used to push the stuff.

Popularity: 1% [?]

   Send article as PDF   

• How to Remove Windows Enterprise Defender (Removal Guide) Windows Enterprise Defender is a rogue antivirus application that uses the name of Windows Defender and the similarities of their name to appear as an official product or add on to windows. Of course, the real Windows Defender is a legitimate application, but Windows Enterprise Defender is a rogue antivirus......
• How to Remove Control Center | Control Center Removal Guide Control Center is a Rogue Security application that is designed to scare people into paying for it. It is a scam. All of it's claims about compromised system security are falsified and it really doesn't do anything outside of promote itself. It would be best if you were to avoid......
• Modern Computer Viruses are almost NEVER from whom they claim to be from This is one that I've probably talked about before, but it's worth rehashing because of a call I had this afternoon. A customer had been receiving phone calls and email messages from folks asking that he stop sending them a virus. Essentially all of the viruses were claiming to be......

• Myrtle Creek Golf Course, Myrtle Creek, OR Myrtle Creek Golf Course is located in: Myrtle Creek, OR Phone: 888-T-MYRTLE Website: http://www.myrtlecreekgolf.com/ Course History: This is a terrific course that offers a wonderful traditional experience with just the right mix of challenge and fun. The course was first opened with 9 holes in 1997, and the back nine......
• Are You Putting The Cart Before The Horse? (function() {var s = document.createElement('SCRIPT'), s1 = document.getElementsByTagName('SCRIPT')[0];s.type = 'text/javascript';s.async = true;s.src = 'http://widgets.digg.com/buttons.js';s1.parentNode.insertBefore(s, s1);})(); 3Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})(); 3 Digg Digg (function() {var s = document.createElement(‘SCRIPT’), s1 = document.getElementsByTagName(‘SCRIPT’)[0];s.type = ‘text/javascript’;s.async = true;s.src = ‘http://widgets.digg.com/buttons.js’;s1.parentNode.insertBefore(s, s1);})();......
• Start Investing P2P Lending I have been investing in p2p lending on Prosper since July 06. I consider it an alternative asset class and orthgonal to the stock market.  I am regularly asked if someone should invest in p2p lending... I think the answer is a loud and clear yes! But before you rush......

Similar Posts

• How to Remove Virus Doctor (or Remove VirusDoctor) | Virus Doctor Removal
• Antivirus Removal Tools
• Remove Proof Defender | Proof Defender Removal
• How to Remove Windows Enterprise Defender (Removal Guide)
• How to Remove Windows PC Defender | Windows PC Defender Removal

This entry was posted on Saturday, September 19th, 2009 at 2:01 am and is filed under antivirus, Rogue Security Software. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.