Monday, February 20, 2012

Prizegiveaway.org

Prizegiveaway.org (http://www.prizegiveaway.org/winner) is the latest scam website. It makes people believe that they have won an iPhone 4s. Trojan.Downloader malware generates ads that lead users to Prizegiveaway.org and redirects them to this useless website. If your Mac (Safari browser) is infected, use this tool. For Internet Explorer, Firefox, Opera or Chrome browsers, download and install Spyware Doctor.


Prizegiveaway.org snapshot:


Prizegiveaway.org domain and server details:
Domain ID:D163861032-LROR
Domain Name:PRIZEGIVEAWAY.ORG
Created On:14-Nov-2011 05:13:46 UTC
Last Updated On:14-Jan-2012 03:48:20 UTC
Expiration Date:14-Nov-2012 05:13:46 UTC
Sponsoring Registrar:eNom, Inc. (R39-LROR)
Status:CLIENT TRANSFER PROHIBITED
Registrant ID:46e2363440a6e2e1
Registrant Name:WhoisGuard  Protected
Registrant Organization:WhoisGuard
Registrant Street1:11400 W. Olympic Blvd. Suite 200
Registrant Street2:
Registrant Street3:
Registrant City:Los Angeles
Registrant State/Province:CA
Registrant Postal Code:90064
Registrant Country:US
Registrant Phone:+1.6613102107
Registrant Phone Ext.:
Registrant FAX:+1.6613102107
Registrant FAX Ext.:
Registrant Email:
Admin ID:c8e46449d151bbf4
Admin Name:WhoisGuard  Protected
Admin Organization:WhoisGuard
Admin Street1:11400 W. Olympic Blvd. Suite 200
Admin Street2:
Admin Street3:
Admin City:Los Angeles
Admin State/Province:CA
Admin Postal Code:90064
Admin Country:US
Admin Phone:+1.6613102107
Admin Phone Ext.:
Admin FAX:+1.6613102107
Admin FAX Ext.:
Admin Email:
Tech ID:31a6123440a6e2e1
Tech Name:WhoisGuard  Protected
Tech Organization:WhoisGuard
Tech Street1:11400 W. Olympic Blvd. Suite 200
Tech Street2:
Tech Street3:
Tech City:Los Angeles
Tech State/Province:CA
Tech Postal Code:90064
Tech Country:US
Tech Phone:+1.6613102107
Tech Phone Ext.:
Tech FAX:+1.6613102107
Tech FAX Ext.:
Tech Email:
Name Server:NS10.DNSMADEEASY.COM
Name Server:NS11.DNSMADEEASY.COM
Name Server:NS12.DNSMADEEASY.COM
Name Server:NS13.DNSMADEEASY.COM
Name Server:NS14.DNSMADEEASY.COM
Name Server:NS15.DNSMADEEASY.COM
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
DNSSEC:Unsigned

Rename the remover to "explorer.exe", or try installing it from Safe Mode, if the virus blocks its download or installation.
