tubeloyaln.com Fake Codec and RogueAV Revisited

tubeloyaln.com Fake Codec and Rogue Antivirus revisited The previous page which include 14 domain (10 active) is here READ THIS page if you need more information Fake codec and fake scanner page: hxxp://tubeloyaln.com/scan/?id=.. hxxp://tubeloyaln.com/tube/?id=197&title=adult+movie win-pc-defender.com hxxp://winpcdown09.com/file.exe VirusTotal: 14/40 Anubis File size: 71680 bytes MD5...: ac10a8c9d0e7508beafa6f61c1af44bc Alias: Win32/Insebro.A - Adware.WinPCDefender hxxp://winpcdown09.com/file.exe VirusTotal: 10/39 Anubis Prevx File size: 1022464 bytes MD5...: 34e1cd77554c06f9d24a6857f702b4fd Alias: FakeAlert.IM - Win32/FakeRean - WinPCDefender ThreatExpert (other file) Fraudulent payment system: hxxp://billingpayment.net/pp/?id= winpcdown09.com winpcdown99.com VirusTotal: 21/40 Prevx Anubis File size: 98304 bytes MD5...: d15e5bb28d5e4c31651efb32e000397f Alias: Trojan:Win32/Alureon - Win32.Tdss - DNSChanger.r Associated website: trafficstatic.com [92.48.91.144] statsanalist.cn [72.233.114.126] livefind1blogging.com [72.233.115.169] The new list is as follow (including sub-domains): iloveyourbrain.com loyal-tube.com loyaldown99.com loyaltube.com loyaltube09.com loyaltube10.com rakompoporyadkunazaryadku.com ruler-domains.com setupdatdownload.com tube-loyal.com tubeloyal.com tubeloyaln.com billingpayment.netcodecs.tubeloyaln.com lamer.tubeloyaln.com videosz.tubeloyaln.com wedare.tubeloyaln.com velzevuladmin.com win-pc-defender.com winpcdown09.com winpcdown99.com xp-police-09.com xp-police-2009.com xp-police-antivirus.com xp-police-av.com xp-police-engine.com xp-police.com gofuckbiz.xp-police.com lamer.xp-police.com suckmydick.xp-police.com rulerteam.xp-police.com sigurd.xp-police.com DNS: ns1.loyaltube10.com ns1.tube-loyal.com ns1.tubeloyal.com ns1.winpcdown09.com ns1.winpcdown99.com ns1.xp-police.com ns2.loyaltube10.com ns2.tube-loyal.com ns2.tubeloyal.com ns2.winpcdown09.com ns2.winpcdown99.com ns2.xp-police.com ns3.xp-police.com ns4.xp-police.com ns5.xp-police.com IP: 213.163.65.10 Reverse: mail.l1ght.net Route: 213.163.64.0/19 AS:AS20495 - WEDARE We Dare BV Autonomous System
Analysis:
	Site URLs: hxxp://tubeloyaln.com/scan/?id=..       hxxp://tubeloyaln.com/tube/?id=197&title=adult+movie       hxxp://tubeloyaln.com/codec/.exe               hxxp://wincodecupdate.com/codec/.exe                     File info: codec.exe             File size 107010 bytes     MD5 e66fb67721bcb6a6b47879e451ce905b                     ThreatExpert: Report     VirusTotal: Report     Anubis: Report             First received 04.05.2009 06:39:41 (CET)     Results 6/40 (15%)             Alias: FakeAlert.IR AVG       (Suspicious) - DNAScan CAT-QuickHeal       Suspicious File eSafe       Downloader-BON McAfee       Downloader-BON McAfee+Artemis       TrojanDropper:Win32/Insebro.A Microsoft       Malware-Cryptor.Win32.Zorq VBA32
Network graph