domainwatch.org

Here is some general information on SearchEx:

Searchex is a homepage- and search-hijacker pointing at searchex.com refers to: http://www.doxdesk.com/parasite/Searchex.html

See also http://www.spywareinfo.com/articles/cws/

from: whois.enom.com

Registration Service Provided By: IMCO
Contact: info@imco.com
Visit: http://www.imco.com

Domain name: cantfind.com

Registrant Contact:
cantfind.com
cant find (mail@cantfind.com)
+967.-
Fax: -
cantfind.com
-, -
YE

Administrative Contact:

- - (mail@cantfind.com)
+967.-
Fax: -
-
-, -
YE

Technical Contact:
-
- - (mail@cantfind.com)
+1.-
Fax: none
-
-, -
YE

Billing Contact:
cantfind.com
cant find (mail@cantfind.com)
+967.-
Fax: -
cantfind.com
-, -
YE

Status: registrar-lock

Name Servers:
ns1.cantfind.com
ns2.cantfind.com

Creation date: 07 Jun 2002 01:59:55
Expiration date: 07 Jun 2004 01:59:55

The domain name “dig’s” below show that Craig Oehlers and his company, ProWeb Solutions, are the domain name contact for cantfind.com, imco.com, di.com.au and searchex.com. Bradley Norrish’s ns1.registrations.com.au is the authoritative domain name server for cantfind.com.

josh @ whim [~] > dig SOA cantfind.com

; < <>> DiG 8.2 < <>> SOA cantfind.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; cantfind.com, type = SOA, class = IN

;; ANSWER SECTION:
cantfind.com. 4H IN SOA ns1.registrations.com.au. srv874.proweb.net.au. (
1043061938 ; serial
8H ; refresh
2H ; retry
5w6d16h ; expiry
1D ) ; minimum

;; AUTHORITY SECTION:
cantfind.com. 4H IN NS ns1.registrations.com.au.
cantfind.com. 4H IN NS ns2.registrations.com.au.

;; ADDITIONAL SECTION:
ns1.registrations.com.au. 4H IN A 66.78.1.51
ns2.registrations.com.au. 4H IN A 66.78.1.52

;; Total query time: 3447 msec
;; FROM: whim to SERVER: default -- 127.0.0.1
;; WHEN: Sat Jan 3 00:39:53 2004
;; MSG SIZE sent: 30 rcvd: 172

josh @ whim [~] > dig SOA imco.com

; < <>> DiG 8.2 < <>> SOA imco.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; imco.com, type = SOA, class = IN

;; ANSWER SECTION:
imco.com. 3h56m51s IN SOA ns1.imco.com. craig.di.com.au. (
2003103004 ; serial
8H ; refresh
2H ; retry
5w6d16h ; expiry
1D ) ; minimum

;; AUTHORITY SECTION:
imco.com. 1d23h56m43s IN NS ns1.imco.com.
imco.com. 1d23h56m43s IN NS ns2.imco.com.

;; ADDITIONAL SECTION:
ns1.imco.com. 1d23h56m43s IN A 216.74.96.61
ns2.imco.com. 1d23h56m43s IN A 216.74.96.62

;; Total query time: 1 msec
;; FROM: whim to SERVER: default -- 127.0.0.1
;; WHEN: Sat Jan 3 00:44:56 2004
;; MSG SIZE sent: 26 rcvd: 145

josh @ whim [~] > dig SOA di.com.au

; < <>> DiG 8.2 < <>> SOA di.com.au
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; di.com.au, type = SOA, class = IN

;; ANSWER SECTION:
di.com.au. 3h56m54s IN SOA ns1.imcoserv.com. craig.di.com.au. (
2003111000 ; serial
8H ; refresh
2H ; retry
5w6d16h ; expiry
1D ) ; minimum

;; AUTHORITY SECTION:
di.com.au. 56m50s IN NS ns1.imcoserv.com.
di.com.au. 56m50s IN NS ns2.imcoserv.com.

;; ADDITIONAL SECTION:
ns1.imcoserv.com. 1d19h15m34s IN A 216.74.96.2
ns2.imcoserv.com. 1d19h15m34s IN A 216.74.96.3

;; Total query time: 1 msec
;; FROM: whim to SERVER: default -- 127.0.0.1
;; WHEN: Sat Jan 3 00:45:22 2004
;; MSG SIZE sent: 27 rcvd: 149

josh @ whim [~] > dig SOA searchex.com

; < <>> DiG 8.2 < <>> SOA searchex.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; searchex.com, type = SOA, class = IN

;; ANSWER SECTION:
searchex.com. 3h57m58s IN SOA ns1.dnsworldwide.com. srv874.proweb.net.au. (
1045740142 ; serial
8H ; refresh
2H ; retry
5w6d16h ; expiry
1D ) ; minimum

;; AUTHORITY SECTION:
searchex.com. 1d21h33m54s IN NS ns1.dnsworldwide.com.
searchex.com. 1d21h33m54s IN NS ns2.dnsworldwide.com.

;; ADDITIONAL SECTION:
ns1.dnsworldwide.com. 1d23h57m54s IN A 66.78.1.81
ns2.dnsworldwide.com. 1d23h57m54s IN A 66.78.1.82

;; Total query time: 1 msec
;; FROM: whim to SERVER: default -- 127.0.0.1
;; WHEN: Sat Jan 3 00:45:42 2004
;; MSG SIZE sent: 30 rcvd: 170

from: whois.enom.com

Registration Service Provided By: Internet Registrations Worldwide
Contact: info@irww.com
Visit: http://www.irww.com

Domain name: system-update.net

Administrative Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Billing Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Technical Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Registrant Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Status: registrar-lock

Name Servers:
dns1.name-services.com
dns2.name-services.com
dns3.name-services.com
dns4.name-services.com
dns5.name-services.com

Creation date: 12 Mar 2003 20:36:05
Expiration date: 12 Mar 2004 20:36:05

from: http://www.cantfind.com/

lists the next URL:

from: http://www.cantfind.com/clubdicecasino_popup.htm

” …

<a xhref=”http://banner.clubdicecasino.com/cgi-bin/redir.cgi?norrish” target=”_blank”>

… “

http://groups.google.com.au/groups?selm=034344033200a23FE5%40mail5.sc.rr.com&oe=UTF-8

from: whois.enom.com

Registration Service Provided By: Internet Registrations Worldwide
Contact: info@irww.com
Visit: http://www.irww.com

Domain name: valentines-ecard.com

Administrative Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Billing Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Technical Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Registrant Contact:
Internet Registrations Worldwide
Peter Jacobs (info@irww.com)
+61.892257278
Fax: +61.892257276
Level 2
East Perth, WA 6004
AU

Status: registrar-lock

Name Servers:
ns1.dnsworldwide.com
ns2.dnsworldwide.com

Creation date: 06 Feb 2003 01:29:46
Expiration date: 06 Feb 2004 01:29:46

Note below that “PO Box 360 Osborne Park WA 6917″ appears in the AUNIC contact details for Jason Namour, Wilson Young and now this searchex.com whois information:

from: http://groups.google.com.au/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&selm=v3br4voom89879d844eat5nl33k5s1pp5a%404ax.com

” …

Registration Service Provided By: Internet Registrations Worldwide
Contact: info@irww.com
Visit: http://www.irww.com

Domain name- searchex.com

Nameservers-
NS1.REGISTRATIONS.COM.AU
NS2.REGISTRATIONS.COM.AU

Start of registration- 11/08/01 14:21:14
Registered through- 11/08/05 14:21:14

Registrant Contact-
Searchex.com
Domain Admin (mail@searchex.com)
+61.892252115
FAX- -
PO BOX 360
OSBORNE PARK, 6917
AU

Administrative Contact-
Searchex.com
Domain Admin (mail@searchex.com)
+61.892252115
FAX- -
PO BOX 360
OSBORNE PARK, 6917
AU

Billing Contact-
Searchex.com
Domain Admin (mail@searchex.com)
+61.892252115
FAX- -
PO BOX 360
OSBORNE PARK, 6917
AU

Technical Contact-
Searchex.com
Domain Admin (mail@searchex.com)
+61.892252115
FAX- -
PO BOX 360
OSBORNE PARK, 6917
AU

… “

http://www.sophos.com/virusinfo/articles/cupid.html

http://vil.nai.com/vil/content/v_100052.htm

alt.comp.virus - Valentines-ecard.com (127 articles)