New Rogue – AntiVirGear!
Wow, it seems that the last time I reported a new rogue was forever! I’m now back in business after a period of time away with other matters!
And to break the ice gently, let’s welcome a new rogue into the database. AntiVirGear!
First reported by Nick Skrepetos (SUPERAntiSpyware.com) this rogue looks all to familiar to older rogues. Like VirusProtectPro, SpyLocked and others.
(Click to Enlarge)
The details of who it belongs to hasen’t changed either. It’s still an Estdomains Inc piece of junk like the whois shows:
Registration Service Provided By: ESTDOMAINS INC
Contact: +1.3027224217
Website: hxxp://www.estdomains.comDomain Name: ANTIVIRGEAR.COM
Registrant:
PrivacyProtect.org
Domain Admin (contact@privacyprotect.org)
P.O. Box 65
All Postal Mails Rejected, visit Privacyprotect.org
Monster
null,2680 AB
NL
Tel. +45.36946676Creation Date: 14-Aug-2007
Expiration Date: 14-Aug-2008Domain servers in listed order:
ns4.sigmacode.biz
ns3.sigmacode.biz
ns2.sigmacode.biz
ns1.sigmacode.biz
It’s IP, 64.28.186.68, is blacklisted.
The interesting thing to point out is that the install file is named as avg_install.exe. Do not get confused with that install being anything from AVG Grisoft. As silly as it sounds, people do trip up on things like this.
This rogue needs to be avoided at all costs. Obviously in some cases it will be hard to avoid. But do not purchase it. It’s fake. Instead get help in our malware removal forum.
Simple steps will make sure this is removed and advice is given to avoid getting it again. You can also join the debate about this in our forum. Give us your opinion on this.
Update – 15th of Sept – Automated Removal Guide <–Click there
Hi Andy,really its a very good plan to remove the viruses like spyware,malware but can you please tell me how it will works automatically without any installation….
I’m not sure I understand your question.