Beware of fake PornTube sites

Seems the malware creeps are playing on the popularity of “PornTube” an adult type version of YouTube …

Notice the title of the page … and there are quite a few using the same title. Which is also a “Google.Warning” site …

Yikes! … accessing this site you not only get a typical (bogus) “you need to download …” prompt, but you get whacked in the background from an embedded page with “VBS/TrojanDownloader.Psyme.Gen trojan“.

3xmaster” is hosted at Upl Telecom S.r.o via ESTDOMAINS/PrivacyProtect. The Trojan.Codec download is from “avsmanufacture(dot)com” which is already included in the HOSTS file.

avsmanufacture” is hosted at Ukrtelegroup Ltd via ESTDOMAINS/PrivacyProtect = Ukrtelegroup Ltd … I would suggest adding that IP address to the “Restricted Zone

2 Responses to “Beware of fake PornTube sites”

  1. PrivacyProtect? You just need to learn how to have it opened. For example, there is privacy protection on’s registration right at the moment. And I will have it opened within several hours.

    Tom Bluewater

  2. Help!

    What should I do?

    I downloaded the ‘codec’ and ran it.

    silly me…