Print the value of index0
  • Report:  #545102

Complaint Review: Antivirus Software (c)

Antivirus Software ,c Antivirus Live 2010 Sham anti virus software London, Other

  • Reported By:
    AlanM — Bellingham Washington USA
  • Submitted:
    Fri, December 25, 2009
  • Updated:
    Fri, December 25, 2009

This "business" claims to provide anti-virus software but so many things about this company simply are not right.

A windows XP computer was infected and damaged by the software downloaded from
http://www.winvantivirus.com/company.php

I similar report found here reported the web address of http://worldantispyware1.com.
Buy checking DNS Name server records I found that both address are being served by the same IP Address

Domain Name: WINVANTIVIRUS.COM
   Registrar: TODAYNIC.COM, INC.
   Whois Server: whois.todaynic.com
   Referral URL: http://www.NOW.CN
   Name Server: NS1.WINVANTIVIRUS.COM
   Name Server: NS2.WINVANTIVIRUS.COM
   Status: clientTransferProhibited
   Updated Date: 14-nov-2009
   Creation Date: 14-nov-2009
   Expiration Date: 14-nov-2010

IP Address     
193.104.22.50

 Domain Name: WORLDANTISPYWARE1.COM
   Registrar: TODAYNIC.COM, INC.
   Whois Server: whois.todaynic.com
   Referral URL: http://www.NOW.CN
   Name Server: NS1.WORLDANTISPYWARE1.COM
   Name Server: NS2.WORLDANTISPYWARE1.COM
   Status: clientTransferProhibited
   Updated Date: 14-nov-2009
   Creation Date: 14-nov-2009
   Expiration Date: 14-nov-2010

IP Address     
193.104.22.50

Both sites have a company page that cites flawed contact information.

Antivirus Software, Inc,


Great Marlborough Str. 72


London


SE12TU


GB

As far as I can determine using Google Earth this street in a Shopping District. And the address does not match to any building on the street.

The address of 193.104.22.50 of the server computer running these sites is reported to be at Latitude 23.1167 and Longitude 113.25 with corresponds to the island of Malta.
Why does a London business have multiple version of their own website coming from "Malta" - It much more likely the server hosting these sites is in China. That is where the DNS machine server the information about these web address is originating - and is much more difficult to falsify the location of DNS machines.

The IP Address of the DNS Machine is in China:

119.146.222.153
[admacbook:~] Alan% traceroute www.todaynic.com
traceroute to cdn10.todayisp.net (119.146.222.153), 64 hops max, 52 byte packets
 1  10.187.102.89 (10.187.102.89)  4.381 ms  1.667 ms  1.719 ms
 2  10.164.8.1 (10.164.8.1)  8.685 ms  8.410 ms  8.162 ms
 3  ws-osr2-vl10.zoomtown.com (216.68.212.3)  10.204 ms  10.362 ms  10.790 ms
 4  nhg-fuse24.zoomtown.com (216.68.212.100)  9.802 ms  9.704 ms  10.129 ms
 5  * * *
 6  unknownblockname046.wvfiber.net (66.216.1.46)  15.054 ms  12.195 ms  15.673 ms
 7  unknownblockname037.wvfiber.net (66.216.1.37)  22.036 ms  22.072 ms  22.031 ms
 8  dal-ten2-1-nsh-ten1-4.wvfiber.net (64.127.130.50)  38.322 ms  39.207 ms  38.788 ms
 9  la-ten3-8-dal-ten2-2.wvfiber.net (64.127.129.126)  67.698 ms  66.788 ms  66.450 ms
10  laiix.chinatelecomusa.net (198.32.146.42)  72.208 ms  73.493 ms  72.248 ms
11  202.97.51.89 (202.97.51.89)  431.268 ms  606.428 ms  235.254 ms
12  202.97.60.61 (202.97.60.61)  227.447 ms  412.435 ms  226.111 ms
13  202.97.34.202 (202.97.34.202)  226.493 ms  563.099 ms  226.930 ms
14  * * *
15  202.105.178.182 (202.105.178.182)  239.329 ms  238.606 ms  236.561 ms
16  * * *
17  119.146.222.153 (119.146.222.153)  497.204 ms  372.735 ms  238.112 ms

IP Address     
119.146.222.153

Provider            
ChinaNet Guangdong Province Network

State            
Guangdong

Latitude
23.1167

Longitude
113.25

I tried calling the phone number listed [ 1.800.221.72.19 ] and I listened to answering machine for a copier business in Oregon.

What amazes me is how these guys can keep getting Merchant Accounts to bill Credit Cards.
MasterCard, Visa, AmEx should really get better at tracking these sham businesses that are complete un-contactable.

---------------------------------

Here is the complete DNS Record for

Domain name: WINVANTIVIRUS.com

Status: Active

Protection Status: public
( make contact info private at http://www.now.cn/domain/domainPrivate.php )

Registrant: 
Name: private persone
Address: Moskow
City: Moskow
Province/state: MSK
Country: RU
Postal Code: 130610

Administrative Contact: 
Name: private persone
Organization: private persone
Address: Moskow
City: Moskow
Province/state: MSK
Country: RU
Postal Code: 130610
Phone: +7.9957737744
Fax: +7.9957737744
Email: admin@winvantivirus.com

Technical Contact:
Name: private persone
Organization: private persone
Address: Moskow
City: Moskow
Province/state: MSK
Country: RU
Postal Code: 130610


Nameserver Information:


ns1.winvantivirus.com


ns2.winvantivirus.com
When it comes to buying antivirus software,
go to real physical store to get it!
Or switch to a Mac, no more hassles.
Respond to this Report!