60+ rogue antivirus, fake security sites, asprox domains.
Sources: sunbeltblog.blogspot.com, ddanchev.blogspot.com, shadowserver.org, and others:
0scanner .com homesecuresite .com 1o0o1 .com hotfreexxx .info anti-spyware11 .com hotmovies69 .com anti-spyware4 .com ienewbar .com anti-spyware8 .com ilizium .com anti-virus-xp .net km31539 .keymachine .de krasotki .cn antimalwarewarrior2009 .com antispywareinc .org mega-drugstore .net antivirus-buy1 .com mega1search .com antivirus-cs1 .com mentoe .ru antivirus-cs14 .com mfads .com antivirus-cs15 .com mheop .ru antivirus-cs4 .com newwmpupdate .com antivirus-cs5 .com online-sex-video .com antivirus-cs8 .com openmenow .com ytgw123 .cn personalantispy .com seooss .info pestsweeper .com bestbloggin .com pormce .ru bestbookblog .com qwertypages .com besthostdot .com ratedcontentsite .com bettasearch .com realpicmov .com charitymob .com secureharley .com clearcontentsite .com antivirusfulldefence .com clearpornurlssite .com spysoap .com cnnworld .org uncensored-p0rn .info ctiry .ru ungds .com deryv .ru uniqueadult .com dnserrorview .com upgrade-your-software .com euroclubinfo .com viagrageneric .org freeantivirus-online .com west-video-ass .info xenbv .ru wmpware .com yrhfn .com antivirus2008exp .com
The Internet Storm Center has two important articles:
1. 10 signs you might be compromised, and don’t even know it
The asprox domain – ytgw123 (dot) cn is injected using a via a cookie.
A quick search on google (hxxp://www.google.com/search?q=ytgw123 – don’t click on any results!) reports New York Methodist Hospital, quicklogic, and others are infected.
Domain will be added on the next update, but you should not wait.
Some asprox, zlob, fake security pages, rogue antivirus domains to add to your blocklist.
Sources: www.matchent.com, sunbeltblog.blogspot.com, www.dynamoo.com, and others.
32ddk .name homesiteurls .com 3confirm .ws hqsextube08 .com 3cookie .tv ierenewals .com 4ssl .bz int3rn3t-d3f3ns3s .com 4ssl .ws mnbenio .ru 51com .ru mnicbre .ru 5jsp .bz movsdevices .com 64crypt .cc pkseio .ru 6usa .us protectnotice .com 73comm .asia prt3ctionactiv3scan .com 7confirm .gs secure4 .cc 9control .tk securealertbar .com aabb1122 .com add-block-plus .net ssl81 .in eantivirus-payments .com asp1tw .com total-secure2009 .com bank7 .name urlsofdnserrors .com conf68 .mobi user9 .bz vtg43 .ru vassariumpromo .com eufnt .com vjccc .com ss11qn .cn fastshortcuts .com xbstw .com wmptools .com
Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format
Also available in AdBlock, ISA, and MaraDNS formats!
Now a trusted source on the WOT-the Web of Trust!
Used by SURBL, MOREnet, and others…
rogue antivirus domains, asprox, sql injection domains. Sources: malwaredatabase.net, www.emergingthreats.net, www.matchent.com, www.threatexpert.com, and more.
2bank .su com62 .gen .in 2online .su dll82 .biz 5asp .su do18 .mobi 5aspx .ws enhancedie .com 5bank .su ex6 .ru 5cfm .cc getoutdoors .net .au 64asp .ru hfnvp .com 7asp .su id92 .bz 800mg .cn jjyyzmj .cn 8aspx .su jsp25 .mobi 8com .name jsp27 .co .uk aijingru .com jsp51 .mobi juc8 .ru amistypedurl .com antivironline .com linkfordesktop .com zmjjjyy .cn antivirus-xp-08 .net asp24 .su classicmediapl .com asp28 .eu observesecure .com asp62 .biz pagesuploader .net asp62 .mobi prtectionactivescan .com aspx12 .su santa-inbox .com aspx46 .com smart-antivirus2009v2buy .com aspx56 .biz smartantivirus-2009v2buy .com aspx8 .biz smartantivirus2009v2-buy .com bank19 .mobi smartantivirus2009v2 .com check9 .biz smartantivirusv2 .com locm .ru spyrix .ru com45 .su spyware-quickscan-2008 .com com51 .su sweathomepage .com com52 .co .uk turkonz .com net83 .ru yuiqd .com gcodecadult2008-17 .com codec-portal08 .com
Over 75 new domains. Sql Injection, asprox, fake security pages, rogue antivirus. Sources: sunbeltblog.blogspot.com, malwaredatabase.net, www.dynamoo.com, and others:
19ssl .net alldiskscheck300 .com 22net .ru altawebgl-500 .com 24aspx .com antispyware-free-scanner .com 2aspx .net antivirussecurity-solution .com 4net9 .ru aprotectionhelp .com 56ssl .com as-pro-xp-download .com 58ssl .com masterspitetds09 .com 64asp .ru brokenurls .com 64do .com cusln .com 6aspx .com dailyhomesite .com 74asp .net desklinks .com 81ssl .com directrevisions .com 83asp .co doups .cn 8ssl .net download-base .com 92prt .ru download-soft-4free .com 9aspx .net download-soft-basez .com 9ssl .net online-security-systems .com acr34 .ru filescheck-list303 .com jzm013 .cn firstaidclicks .com jzm014 .cn freeonlinescanner9 .com jzm015 .cn seamastersoft .com asl39 .ru googlescanners-360 .com eufks .com homepagetoday .com fst9 .ru xp-licensingpages .com ms-avc .com protectionpurchase .com hs7yue .cn xpprotector .com net83 .ru immediallc .com nowherepage .com intervidd .com ok2bstr8 .com msantivirus-xp .com on1000000 .cn pcsdefender .com hxg008 .cn safensecurebar .com oryfn .com soft-upgrade-network .com ieextend .com softlayerdll .com slivtraf1 .com software-downloadz .com pwrware .com spypreventers .com qingfeng01 .cn webprobar .com rycsp .com windows-av .com sel92 .ru winsecuritydl .com minimal345 .com >winxp-antivir-on-line-scan .com
Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format
Also available in AdBlock and ISA formats!
Now a trusted source on the WOT-the Web of Trust!
Used by SURBL, MOREnet, and others…
Lots of rogue security domains, some asprox, some zlob. Sources: sunbeltblog.blogspot.com, ddanchev.blogspot.com, malwaredatabase.net, and others:
1000ylc .cn codecservice1 .com 2008antivirus .net codecservice6 .com 2008antivirusxp .com antivirus-noadware-2008 .com 2antivirus2008 .com encountertracker .ws 3antivirus2008 .com expressantivirus2009 .com 5antivirus2008 .com faunarium .net 6antivirus2008 .com antispyware2008sales .com 8antivirus2008 .com freeantivirus2009 .com adult-s-portal .com freevidshardcore .com adult-x2008 .com thefunny-08 .com firstblu .cn fwlprocedure .com gnaa .us antispydeluxe2009 .com antitrojan-2008 .com hotadulttube08 .com antivir-64 .com moyapodruzhka .com antivir2008 .us mpegadaptationcom antivir2009 .com msantivirusxp .com antivirus-2008-xp .com msscanner .com antivirus-2008 .org myantivirusprotection2009 .com antivirus-best-2008 .com newcontent-s2008a .com crklab .us newfunnyvideo .com antivirus-pro-2008 .com norton-antivirus-2007 .com funny-08 .com norton2009antivirus .com antivirus2008-pro .com nortons2009antivirus .com antivirus2008-pro .name nortonsantivirus2009 .com antivirus2008-pro .org porndebug .com antivirus2008b .net pornmoviestube .net antivirus2008m .net realonlinevideo-2008 .com antivirus2008n .net antivirus-protection2008 .com retoneva .com scanner-prot .com antivirus2008pro .name secure-online-antivirus .com antivirus2008v .net sexlookupworld .com siteresults1 .com sfwinstrument .com antivirus2009free .com antivirus2008pro-download .org antivirus777 .com spywarepreventer .com stars-08 .com starfeed1 .com antivirusonline-2009 .com antivirus2009-freeverscan .com antivirusq .net thebigstars-08 .com antivirusr .net thebigstars2008 .com antivirussofware2008 .com yourfavoritetube .com antivirussolution2008 .com themusic-08portal .com antivirusu .net thestars-08 .com antivirusw .net thestars08 .com antivirusxp2008 .org thestars2008 .com bestcelebs .ru topdirectdownload .com bestfunnyvids .com topsoftupdate .com beyru .ru win-antivirus-protect .com celebs69 .com windows-antispyware-2008 .com celebsnofake .com worldstars2008 .com celebstape .com antivirusfreescan2009 .com celebsvidsonline .com xp-2008-antivirus .com wwvyoutube .com xp-antivirus-2008 .com
BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format
Also available in AdBlock and ISA formats!
Now a trusted source on the WOT-the Web of Trust!
Used by SURBL, MOREnet, and others…
asprox, storm worm, rogue antivirus domains, and more domains to add to your domain blacklist.
Sources: www.matchent.com, www.sudosecure.net, www.abuse.ch,ddanchev.blogspot.com, and others:
2000y .net flashbill .netrbn aaszxe .ru freepostcardonline .com aaszxi .ru g26 .su aaszxo .ru harrowonthehillsfk .info aaszxp .ru hassomeonelostininter .net aaszxq .ru antivirusxp-08 .net aaszxr .ru yourlettercard .com aaszxt .ru jetp6 .ru aaszxu .ru loginconfirm .su aaszxw .ru loginupdate .su aaszxy .ru loginverify .su n73 .su loopk .ru avalonpay .com digitalaudiopostcard .com b8c .su netr2 .ru bankconfirm .su nucop .ru bankupdate .su oldpostcardshop .com bankverify .su port04 .ru iopoe .ru supergreetingcard .com beyry .ru superlettercard .com biblegateway .com ueur3 .ru blatundalqik .ru userconfirm .su brprbgok6 .com userupdate .su c6c .su userverify .su c75 .su v95 .su che .js verifybank .su confirm .su vj64 .ru wk8 .su vvb .su econfirm .su wfrules .ru f38 .su bestlettercard .com f48 .su worldpostcardart .com iopc4 .ru
domains.txt file is the complete list along with original reference.
Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format
Also available in AdBlock and ISA formats!
Now a trusted source on the WOT-the Web of Trust!
Rogue antivirus, asprox, rbn domains to add to your blocklist. Sources:
blogs.zdnet.com, rbnexploit.blogspot.com, safeweb.norton.com, and others:
3gigabytes .com googlecomaolcomyahoocomaboutcom .net 3njx .ru guagaga .net ujnc .ru hirza .net a814 .cn i56web .org acs86 .com idolhotels .com okcd .ru jckxjcux .com adwarealert .com a-nahui-vse-zaebalo-v-pizdu .com nbh3 .ru mgconstrucoes .com bcus2 .ru adware-download .com bluexzz .cn windows-scanner2009 .com paiuuag .net byronadvertising .eu cb3f .ru antivirus-2009-pro .com ccuuuag .biz pizdos .net cnld .ru registryupdate .org cv34 .co .uk scforum .info db23 .co .uk stopgeorgia .info ewwxbhdh .com stopgeorgia .ru favoredtube .com toksikoza .net givuifib .com google-analysis .com ohueli .net vavscan .com killgay .com yandexshit .com yuku .com worknssrv .cn
Contact us if you want to help us keep the Malware Blocklist current.
domains.txt file is the complete list along with original reference.
Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format
Also available in AdBlock and ISA formats!
Now a trusted source on the WOT-the Web of Trust!
Malicious domains include lots of rogue antivirus, fake antimalware, and asprox domains.
Sources: www.shadowserver.org, www.matchent.com, sunbeltblog.blogspot.com, malwaredatabase.net, and others:
sss0 .co .uk antispyware2008scanner .com sss2 .co .uk softwareantivirus2008 .com ter2 .co .uk free-2008-antivirus .com testyourantivirus .com free-2008-antivirus .net ticketlight .com free-antivirus-2008 .com xp2008antivirus .net free2008antivirus .com ysh2 .co .uk free2008antivirus .net zirvehit .com getas2008xp .com ds12 .co .uk software-2008-antivirus .com ds92 .co .uk software-2008-antivirus .net ia-license com software-antivirus-2008 .com ia-payment com software2008antivirus .com ia-scanner com software2008antivirus .net ia-support com softwareantivirus .net Internet-antivirus .com 2008-software-antivirus .net internetsecuritydeluxe .com 2008-xp-antivirus .com nowantivirus .com 2008antivirusfree .com rr3 .co .uk 2008antivirusfree .net as2008dl .com 2008antivirussoftware .com dfs3 .co .uk 2008antivirussoftware .net antivirus2008free .com 2008antivirusxp .net antivirus2008free .net 2008freeantivirus .com antivirus2008software .com 2008freeantivirus .net antivirus2008software .net 2008softwareantivirus .com antivirus2008xp .net 2008softwareantivirus .net antivirus2009-software .com 2008xpantivirus .net antivirusfree2008 .com antivirus-2008-free .com antivirusgl .com antivirus-2008-free .net antivirusprotection .us antivirus-2008-software .com 2008-antivirus-free .com antivirus-2008-software .net 2008-antivirus-free .net antivirus-free-2008 .com 2008-antivirus-software .com antivirus-software-2008 .com 2008-antivirus-software .net 2008-free-antivirus .com 2008-antivirus .net 2008-free-antivirus .net
Contact us if you want to help us keep the Malware Blocklist current.
domains.txt file is the complete list along with original reference.
Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format
Also available in AdBlock and ISA formats!
Now a trusted source on the WOT-the Web of Trust!
malicious domains include asprox, malspam, rogue codecs, fake antivirus.
Sources: garwarner.blogspot.com, safeweb.norton.com, www.matchent.com, bharath-m-narayan.blogspot.com, and others:
1000mg .cn op21 .co .uk arjahevif .com plgou .com attomega .com mpegutility .com aykjfgves .com pressdownloadtostart .com ba1do .com red-codec .net bardaue .com .br renderize .net bkgpfgves .com sdo .1000mg .cn busyfgves .com sibercar-card .com dmiafgves .com sol .innopulse .es faj4ehght .com squinento96 .com famoutoito .net ticketmoon .net pov .ru tm19 .co .uk nitrocodec .net ui27 .co .uk gfdpves .com wr28 .co .uk . hhr2ehght .com xxkk .net hwh2ght .com flwinstrument .com iwi5fgves .com megabestsoftnah08 .com o23 .co .uk gabfundopv .com
Contact us if you want to help us keep the Malware Blocklist current.
domains.txt file is the complete list along with original reference.
Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format
Also available in AdBlock and ISA formats!
Now a trusted source on the WOT-the Web of Trust!