Bogus Video Player Error

Landing on “pornflash(dot)tv” the viewer will see the following bogus error …



Simply visiting this page with olders Windows versions you will get whacked automatically from “zerocodec(dot)com” which is detected as another varient of Trojan.Win32.DNSChanger. Matter of fact “zerocodec(dot)com” is registered to the same person, (although the Whois info is most likely bogus also) as in my previous blog (vivacodec(dot)net).


Vivacodec has been in the news lately as the Codec gang has finally made the leap to infecting MAC machines also …


Both sites are hosted at Cernel which seems to be home of the majority of the Codec infections … lately these codec sites only seem to last a few days (until someone reports them) then they simply register a new site and start all over again. I suspect this gives Cernel the chance to state … “see we are shutting them down” … but then why does Cernel allow the same person to register another site and continue operations? …



Comments are closed.