Bogus Video Decryption Tool

Landing on the following site, the visitor is presented with a (bogus) message:
These malware writers sure have a vivid imagination when it comes to messages to fool the public …

As you can see you are redirected to “xp-police-09” for the download … which my AV (NOD32) blocked …

Also on the same IP block … we find yet another bogus prompt … look closely, it’s an image, not a prompt … anyway, this one falsely shows it is from Microsoft. Yeah right! … Microsoft’s install prompts certainly do not look like that … but I imagine some people will fall for this trick …

However, the download (DivX.Codec.8.0.beta.exe) is from “titmix. net”
The Google Diagnostic reports: “Malicious software includes 63 trojan(s)”

The Google Diagnostic report for “0dax” = “Malicious software includes 50 trojan(s)”



2 Responses to “Bogus Video Decryption Tool”

  1. It would be nice if you could post the HOSTS file additions that we need to add in plain text format instead of an image? 🙂

  2. Toppy,
    I make hundreds of changes in the HOSTS file between updates … so it would be a bit much to post additions all the time. As for the “image” … people just can’t help themselves and would end up copying the entries and visiting these malware sites … thus infecting themselves.

    If really needed you could copy the sites listed by hand, but these are just a few of the hundreds of changes made between updates …