Same scam different approach

Landing on an adult site and clicking a link results in the below bogus message … “Special media software” is required … yeah right … it’s nothing more than another Trojan.Zlob infection.



However the “codec” file (videosaccess.exe) that tries to install is coming from an IP address: 205.252.48.12, since you can not add IP addresses to a HOSTS file, I would suggest adding that address to your IE Restricted Zone. Once you have done that and if the above occurs, you’ll see the following prompt which effectively blocks that address from downloading the malware file.



I scanned the file at VirusTotal and it is not very well detected yet … you can see the SunBelt Research results here … notice at the bottom of the report that Ultimate Cleaner also gets installed. Ultimate Cleaner is a Rogue/Suspect product that is already included in the HOSTS file …


 



Leave a Reply

*