I received a frantic message from a friend when she saw a message that “virus found” on her Mac. She then sent me a few photos of the message.
As it turns out, it is related to none other than MacKeeper. In January2014, a class action lawsuit was filed against ZeoBIT, the maker of MacKeeper.
“macoscheck.com” was registered on December 26, 2015.
Whois info on macoscheck.com:
Deus-ex-Mac:~ ultra-slacker$ whois macoscheck.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: MACOSCHECK.COM
Registrar: INTERNET DOMAIN SERVICE BS CORP
Sponsoring Registrar IANA ID: 2487
Whois Server: whois.internet.bs
Referral URL: http://www.internetbs.net
Name Server: NS1.SPEEDLOADINGSERVER.COM
Name Server: NS2.SPEEDLOADINGSERVER.COM
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Updated Date: 26-dec-2015
Creation Date: 26-dec-2015
Expiration Date: 26-dec-2016
>>> Last update of whois database: Wed, 06 Jan 2016 11:49:01 GMT <<<
For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: MACOSCHECK.COM
Registry Domain ID: 1989721914_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.internet.bs
Registrar URL: http://www.internetbs.net
Updated Date: 2015-12-26T12:22:03Z
Creation Date: 2015-12-26T12:22:03Z
Registrar Registration Expiration Date: 2016-12-26T12:22:03Z
Registrar: Internet Domain Service BS Corp.
Registrar IANA ID: 2487
Registrar Abuse Contact Email: abuse@internet.bs
Registrar Abuse Contact Phone: +44.7546458118
Reseller:
Domain Status: clientTransferProhibited – http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: Whois Privacy Corp.
Registrant Street: Ocean Centre, Montagu Foreshore, East Bay Street
Registrant City: Nassau
Registrant State/Province: New Providence
Registrant Postal Code: 0000
Registrant Country: BS
Registrant Phone: +1.5163872248
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: macoscheck.com-owner@customers.whoisprivacycorp.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: Whois Privacy Corp.
Admin Street: Ocean Centre, Montagu Foreshore, East Bay Street
Admin City: Nassau
Admin State/Province: New Providence
Admin Postal Code: 0000
Admin Country: BS
Admin Phone: +1.5163872248
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: macoscheck.com-admin@customers.whoisprivacycorp.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: Whois Privacy Corp.
Tech Street: Ocean Centre, Montagu Foreshore, East Bay Street
Tech City: Nassau
Tech State/Province: New Providence
Tech Postal Code: 0000
Tech Country: BS
Tech Phone: +1.5163872248
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: macoscheck.com-tech@customers.whoisprivacycorp.com
Name Server: ns1.speedloadingserver.com
Name Server: ns2.speedloadingserver.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-01-06T11:49:10Z <<<
Whois info on speedloadingserver.com:
Deus-ex-Mac:~ ultra-slacker$ whois speedloadingserver.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: SPEEDLOADINGSERVER.COM
Registrar: TLD REGISTRAR SOLUTIONS LTD
Sponsoring Registrar IANA ID: 1564
Whois Server: whois.tldregistrarsolutions.com
Referral URL: http://www.tldregistrarsolutions.com
Name Server: NS-CANADA.TOPDNS.COM
Name Server: NS-UK.TOPDNS.COM
Name Server: NS-USA.TOPDNS.COM
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Updated Date: 09-sep-2015
Creation Date: 03-sep-2015
Expiration Date: 03-sep-2016
>>> Last update of whois database: Wed, 06 Jan 2016 12:17:54 GMT <<<
For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: SPEEDLOADINGSERVER.COM
Registry Domain ID: 1957177560_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tldregistrarsolutions.com
Registrar URL: http://www.tldregistrarsolutions.com
Updated Date: 2015-09-09T07:28:32Z
Creation Date: 2015-09-03T07:26:31Z
Registrar Registration Expiration Date: 2016-09-03T07:26:31Z
Registrar: TLD Registrar Solutions Ltd.
Registrar IANA ID: 1564
Registrar Abuse Contact Email: abuse@tldregistrarsolutions.com
Registrar Abuse Contact Phone: +44.2034357312
Reseller:
Domain Status: clientTransferProhibited – http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: Whois Privacy Corp.
Registrant Street: Ocean Centre, Montagu Foreshore, East Bay Street
Registrant City: Nassau
Registrant State/Province: New Providence
Registrant Postal Code: 0000
Registrant Country: BS
Registrant Phone: +1.5163872248
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: speedloadingserver.com-owner@customers.whoisprivacycorp.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: Whois Privacy Corp.
Admin Street: Ocean Centre, Montagu Foreshore, East Bay Street
Admin City: Nassau
Admin State/Province: New Providence
Admin Postal Code: 0000
Admin Country: BS
Admin Phone: +1.5163872248
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: speedloadingserver.com-admin@customers.whoisprivacycorp.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: Whois Privacy Corp.
Tech Street: Ocean Centre, Montagu Foreshore, East Bay Street
Tech City: Nassau
Tech State/Province: New Providence
Tech Postal Code: 0000
Tech Country: BS
Tech Phone: +1.5163872248
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: speedloadingserver.com-tech@customers.whoisprivacycorp.com
Name Server: ns-canada.topdns.com
Name Server: ns-uk.topdns.com
Name Server: ns-usa.topdns.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-01-06T12:16:03Z <<<