Archive for January, 2007

HOSTS file update 01-31-07

I’ve updated the HOSTS file today … you may notice a bigger than normal increase in the file size. This is due to the tremendous explosion of these Trojan.Codec related sites. It must be profitable or they wouldn’t be registering so many new sites … Download: (133 kb) How To: Download and Extract […]

Google adds new Warning to harmful sites

If a users search results from Google happens to turn up a known harmful site, the user will see the following: Notice the new “This site may harm your computer” warning (view here) … so what happens if you ignore this warning and proceed anyway? … duh! Don’t do it! As you can see above […]

Oh what a nasty place

Landing on xmoviesportal(dot)com results in the below prompt which is another IFrame Exploit from And if that’s not enough, clicking a link redirects you to videoaxobject(dot)com which is yet another Trojan.Zlob infection … nice place huh? I would recommend adding to your IE Restricted Zone, the other sites mentioned will be added to […]

Same scam different approach

Landing on an adult site and clicking a link results in the below bogus message … “Special media software” is required … yeah right … it’s nothing more than another Trojan.Zlob infection. However the “codec” file (videosaccess.exe) that tries to install is coming from an IP address:, since you can not add IP addresses […]

Bogus ActiveX Error

Looks like the Trojan.Codec guys have come up with a new scam … trying to make you believe that an error has occured. I’ve found two different type error boxes from two different culprits. Even if you click Cancel, you guessed it you can’t get out … another box appears prompting you to install “Image […]

Selected best of the best in Freeware

 For the 2nd year in a row the MVPS HOSTS file has been selected “best of the best in Freeware” by Pricelessware

When Sites are Hacked visitors get whacked

It looks like another Game site got hacked and one line of HTML code was added to their site, which will infect unsuspecting visitors that are not using the latest versions and updates of Windows and Internet Explorer. As you can see in the image IE7 stopped the infection and prompts the user via the […]

How Spamdexing works

As you can see in the below image below a seemly harmless “.edu” link from a Google search, can result in the user being redirected to a unwanted website that attempts to install a Trojan Codec. The “.edu” link automatically redirects to “xxxvideossite(dot)com” site. (displayed in red = already blocked in the HOSTS file) Which […]

Another bogus Codec site

It seems like these guys setup a new bogus “codec” site every few days … however these new versions try to install themselves automatically … luckly IE7 stops this action, for now until they figure a way around it. This new culprit is registered thru who else? … EstDomains/InterCagetvscodec(dot)com = which is registered to […]

When Adult Webmasters complain

When Adult webmasters complain about the tactics of other adult webmasters, they must be really bad. They have even compiled lists of the culprits, which I went thru especially the ones marked as exploits. Many of these exploit sites were related to Trojan.Zlob, or Trojan.Codec infections, however many others had multiple exploits. What I found […]