best-click-scanner.info Antivirus 2010 Rogue AntiSpyware

best-click-scanner.info Antivirus 2010 Rogue AntiSpyware best-click-scanner.info, av1-click-download.info and av-click-site.info are site that distribute Antivirus 2010 a new rogue antivirus application Site screenshot: hxxp://best-click-scanner.info/scan.php [67.205.75.14] Fake Microsoft Security Warning Message: Trojan.Mytob Trojan.Zlob.z Worm.Apache.x Spyware.IEMonster.b Zlob.PornAdvertiser.Xplisit Trojan.InfoStealer.Banker.s Fake messages: Harmful and malicious software detected. These programs may damage your computer and steal your private information. Online Security Scanner requires Antivirus 2010 components to protect your computer. Please click OK to download and install Antivirus 2010 components. Associated website [70.38.19.206] av1-click-download.info av-click-site.info
Analysis:
	Site URLs: hxxp://av1-click-download.info/install.php?campaign=&country=                     File info: AntiVirusInstaller.exe             File size 45588 bytes     MD5 4b28cc4e75b9f7d38725e76d05ffdea3                     ThreatExpert: Report     VirusTotal: Report     Sunbelt: Report     Prevx: Report             First received 03.23.2009 17:33:31 (CET)     Results 14/39 (35.90%)             Alias: Trojan.Win32.Tibs!IK a-squared       HEUR/Crypted Antivir       Trojan.DownLoad.33135 DrWeb       Suspicious File eSafe       Trojan.Win32.Tibs Ikraus       Trojan-Downloader.Win32.FraudLoad.vmza Kaspersky       Generic!Artemis McAfee+Artemis       Heuristic.Crypted McAfee-GW-Edition       Trojan:Win32/Tibs.IT Microsoft       Suspicious File Panda       Medium Risk Malware Prevx1       Trojan.DL.Win32.Mnless.cok Rising       Trojan.Fakeavalert Symantec       Cryp_FakeAV-11 TrendMicro
Analysis of av1-click-download.info/en/PE/svchost.exe:
	Site URLs: hxxp://av1-click-download.info/en/PE/svchost.exe                     File info: svchost.exe             File size 80896 Bytes     MD5 9ce49f6f3b41260def0a53a85d95f0d3                     ThreatExpert: Report     Anubis: Report     VirusTotal: Report - Reanalysed     Sunbelt: Malware Report for ID: 8064472             First received 03.24.2009 06:11:38 (CET)     Results Result: 8/38 (21.05%)             Alias: TR/Fakealert.WW.2 Antivir       Suspicious file eSafe       Suspicious:W32/Malware!Gemini F-Secure       Trojan:Win32/Tibs.IT Microsoft       Suspicious file Panda       AdWare.Win32.FakeAV.q Rising       Trojan.Fakeavalert Symantec       PAK_Generic.001 TrendMicro
Result when running:
	Display fake BlueScreen "MALWARE.MONSTER.DX_NEW_0xA21518F0"
Analysis of av1-click-download.info/en/PE/install.exe:
	Site URLs: hxxp://av1-click-download.info/en/PE/install.exe                     File info: install.exe             File size 45568 Bytes     MD5 e079854d56607f16fb0d5db3b724c0de                      ThreatExpert: Report     Anubis: Report     VirusTotal: Report             First received 03.21.2009 16:00:04 (CET)     Results 12/39 (66.67%)             Alias: W32/FakeAV.8074!tr       Trojan-Downloader.Win32.FraudLoad.vmtk       SHeur2.WXJ       TR/Crypt.XPACK.Gen       Sus/FakeAV-A       Trojan.Win32.Tibs (Sig-Id:470535) [Ikarus Virus Scanner]
Result when running: