Bogus Video Decryption Tool
Landing on the following site the visitor is presented with a (bogus) message:
These malware writers sure have a vivid imagination when it comes to messages to fool the public …
As you can see you are redirected to “xp-police-09” for the download … which my AV (NOD32) blocked …
Also on the same IP block … we find yet another bogus prompt … look closely, it’s an image, not a prompt … anyway, this one falsely shows it as being from Microsoft. Yeah right! … Microsoft’s install prompts certainly do not look like that … but I imagine some people will fall for this trick …
However, the download (DivX.Codec.8.0.beta.exe) is from “titmix. net”
The Google Diagnostic reports: “Malicious software includes 63 trojan(s)”
The Google Diagnostic report for “0dax” = “Malicious software includes 50 trojan(s)”
2 Comments
February 26th, 2009 at 2:27 pm
It would be nice if you could post the HOSTS file additions that we need to add in plain text format instead of an image? 🙂
February 27th, 2009 at 5:54 am
Toppy,
I make hundreds of changes in the HOSTS file between updates … so it would be a bit much to post additions all the time. As for the “image” … people just can’t help themselves and would end up copying the entries and visiting these malware sites … thus infecting themselves.
If really needed you could copy the sites listed by hand, but these are just a few of the hundreds of changes made between updates …