(The quickest way to register)

Forum

Dear visitor! The webpage is only available in English. We're sorry for the inconvenience.
  1. User picture
    • Nigel-Lew on Sun 18 Oct 2009
    • 08:34:24 PM UTC

    http://www.updatecp.org/

    Didn't see this on the board so I posted it. Same crap as I posted last time, different domain :)

    Another drive by on SKYPE. I am vaguely curious as to how I get these as a system message. At any rate.....

    Nigel

    http://www.updatecp.org/

Comments:

  2. User picture
    • xxcxme on Sun 18 Oct 2009
    • 11:07:33 PM UTC

    I GOT THAT WEBSITE TOO FROM SKYPE!

    that http://www.updatecp.org/ thing looks like it's a spammer!!!! i got a notification on my skype!!! yikes! i hope i didn't get infected
  3. User picture
    • ProphetofSins on Sun 18 Oct 2009
    • 11:22:37 PM UTC

    I too got that message from

    I too got that message from Skype. I'm not even going to bother going there. Watch out people, this is malicious!
  4. User picture
    • jpvip on Sun 18 Oct 2009
    • 11:56:32 PM UTC

    Rated red

    Bad news.

    Here is a screenshot of the site: http://img4.imageshack.us/img4/6672/updatecporg.pn...

    Asks you to pay for Repair Registry 2008 rogue.

    ~DragonMaster Jay, malware researcher,
    Admin, helpmyos.com
  5. User picture
    • g7w on Mon 19 Oct 2009
    • 04:57:31 AM UTC

    re:updatecp.org

    Interesting paths...

    updatecp.org is hosted on IP: 208.110.88.94
    with the PTR being: fingoods02.fortnex.com

    You get the rogue scanner alert, fake scan and then a link to "erase threats"
    Clicking on the link displays a popup for pay to download.
    Clilcking on the checkout button you now enter:
    hxxps://cart.secureorderstore.com/secureorder/ordertp.php
    The Store shopping cart / checkout has the following hidden link:
    hxxps://usd.swreg.org/cgi-bin/s.cgi

    The footer of the store page states:
    ©2009 DR globalDirect, Inc.
    DR is abbreviation for Digital River
    The product you are to purchase is: Repair Registry 2008 <- hey! that's expired! this is 2009, LOL.
    FYI a registry cleaner does NOT remove malicious content, it is NOT AV security software.

    fortnex.com advertises:
    Imagine a Business Opportunity that offers you a way to earn unlimited income without handling any inventory, selling anything or even communicating with your own customers! A business that's so easy that it doesn't require learning anything technical and provides extensive support that Gets YOU Started Making Money Right Away!

    Every year, millions of dollars are paid to individuals, companies and cyber-preneurs for simply referring Internet visitors to the most popular websites. Now, thanks to the World Systems program, literally anyone can start making money the same way - and FAST!

    The form at the bottom of the page requests:


    Request Your FREE Information Below

    All Information is REQUIRED
    First Name: Last Name:
    Street Address: Apt/Suite #:
    Country: State/Province:
    Other State: City:
    Zip/Postal Code: Email:
    Primary Phone: Alternate Phone:
    Gender: Male Female
    Do you have home business experience? [Yes No]
    How soon could you start?
    How much time could you invest weekly?
    Extra monthly income that you desire?
    Investment to earn that income?
    Why are you interested in
    starting a home business?

    At the footer it states:
    Powered By TopAdMarket 2007 - 2008 All Rights Reserved | Advertising Affiliates |

    Links to:
    hxxp://topadmarket.com/
    hxxps://partners.topadmarket.com/affiliate_signup.html

    Currently all IP's and domain names are unrated:

    DIG:

    absolutecents.com
    bestermo.com
    bestshoppingdirectory.com
    faith-shopping.com
    flexinz.com
    funshoppingonline.com
    homeincs.com
    kalderan.com
    maddmail.com
    mousetrade.com
    mumento.com
    onezman.com
    servitro.com
    wowextramoney.com

    Name servers:
    ns1.thunderoffers.com
    ns2.thunderoffers.com

    ip numbers of nameservers
    69.50.212.19

    reverse names of the nameservers
    announceman.com

    domains sharing nameservers
    existomass.com
    flexinz.com
    growinz.com
    kalderan.com
    toedstool.com
    tophomeu.com
    wheelum.com
    fortnex.com subdomains:
    fingoods02.fortnex.com
    land.fortnex.com
    largefingoods.fortnex.com
    link2.fortnex.com
    myvir.fortnex.com
    tek.fortnex.com
    tek2.fortnex.com
    tek3.fortnex.com
    vps.fortnex.com
    vps2.fortnex.com

    thunderoffers.com
    no info just a page that states, "IT WORKS!"

    topadmarket.com
    The executive management team at TopAdMarket.com possesses years of direct-response marketing experience across variety of media arenas. Because of this, we are unique in our understanding of the dynamics involved in producing quality traffic that will result in consistent sales conversions for the end customer. We understand the needs of high-volume customers.

    Certain of our individual clients consume in excess of 50k real-time prospect leads from us per month. As an emerging network powerhouse, we are continually seeking relationships with key Internet publishers and affiliates to serve our clients. You can count on us to be a reliable partner with a focus upon working hard every day to earn your business. We diligently screen and qualify our applications to add only the best traffic and partnerships available. If you would like to become an advertiser with our network of websites and affiliates, or - if you are interested in publishing offers coming to our door every day, please take a moment to complete our application so that we can get acquainted.

    To Your Future Successes, TopAdMarket.com Executive Team

    topadmarket.com resides on IP: 65.23.159.186 reverse PTR is: rm-002-12.serve.com
    nameservers used by this domain:
    ns1.teknama.com
    ns2.teknama.com

    domains sharing nameservers
    absolutecents.com
    absotal.com
    advantagewebsales.com
    affiliategoldminepackage.com
    bbillyd.com
    bestshoppingdirectory.com
    blozi.com
    bossfreedom.com
    boydsonlineshopping.com
    dastinct.com
    deanwebmail.com
    discountwebsales.com
    easyjohn.com
    easymaine.com
    everlastingshop.com
    expertshoppingonline.com
    faith-shopping.com
    ftrap.com
    funshoppingonline.com
    happyclicking.com
    instrud.com
    justmatts.com
    loonieplanet.com
    metrogenious.com
    myhomebusinesscenter.com
    opimas.com
    pikfirst.com
    prosperityprofile.com
    sacrato.com
    savoyshoppingcenter.com
    scenterline.com
    schroedershoppingcenter.net
    sdfdsfds.com
    selfimagestore.com
    topenda.com
    ultimatewebmall.com
    weirock.com
    winterdrift.com
    wowextramoney.com

    ip numbers of nameservers
    66.197.177.21
    69.50.210.160

    Incoming mail for topadmarket.com is handled by six mailservers having a total of 20 IP numbers. AKA: Google mail.

    *******
    Before rating these... the dig needs to be completed and the domains sorted as to what they offer; ie, phish, scam, malicious content, etc.
    Before examining these domain, ensure you have your AV up to date and preferably use sandboxie or other form of sandbox/VM.
    -------
    WOT Services Ltd. - gives us safety through Web of Trust.
    WOT Community - gives us security through unity.
    Thank you all
    - G7W
  6. User picture
    • sneaky89 on Wed 21 Oct 2009
    • 10:17:09 PM UTC

    Thanks

    Thanks everyone (especially "g7w") for the reviews. I just got the alert on Skype also. I was about to go to the site. But now that I know its a scam, I'm NOT gunna fall for it. Thanks to all who have spoken out on this. Its greatly appriciated. You guys rock!