DNS Changer Trojan distributing Site
Site Name: Lightticket.net
IP Address: 64.28.184.163
Registrar: ESTDOMAINS, INC.
Name Servers:
ns1.lightticket.net [64.28.184.162]
ns2.lightticket.net [64.28.184.166]
The installers from these two sites were scanned and here are the results:
VirusTotal Scan Result: 11/31 (35.48%)
AntiVir 7.6.0.78 2008.03.28 TR/Zlob.72484
Avast 4.7.1098.0 2008.03.29 Win32:Zlob-ARJ
AVG 7.5.0.516 2008.03.28 Downloader.Zlob.TSF
BitDefender 7.2 2008.03.29 DeepScan:Generic.Zlob.7.1FED44BB
CAT-QuickHeal 9.50 2008.03.28 Win32.Trojan.DNSChanger.jc
FileAdvisor 1 2008.03.29 High threat detected
F-Prot 4.4.2.54 2008.03.28 W32/Zlob.F.gen!Eldorado
McAfee 5262 2008.03.28 Puper
Prevx1 V2 2008.03.29 Trojan.Zlob
TheHacker 6.2.92.258 2008.03.29 Trojan/DNSChanger.ik
Webwasher-Gateway 6.6.2 2008.03.29 Trojan.Zlob.72484
Stay away from this site.
Bharath M N
IP Address: 64.28.184.163
Registrar: ESTDOMAINS, INC.
Name Servers:
ns1.lightticket.net [64.28.184.162]
ns2.lightticket.net [64.28.184.166]
The installers from these two sites were scanned and here are the results:
VirusTotal Scan Result: 11/31 (35.48%)
AntiVir 7.6.0.78 2008.03.28 TR/Zlob.72484
Avast 4.7.1098.0 2008.03.29 Win32:Zlob-ARJ
AVG 7.5.0.516 2008.03.28 Downloader.Zlob.TSF
BitDefender 7.2 2008.03.29 DeepScan:Generic.Zlob.7.1FED44BB
CAT-QuickHeal 9.50 2008.03.28 Win32.Trojan.DNSChanger.jc
FileAdvisor 1 2008.03.29 High threat detected
F-Prot 4.4.2.54 2008.03.28 W32/Zlob.F.gen!Eldorado
McAfee 5262 2008.03.28 Puper
Prevx1 V2 2008.03.29 Trojan.Zlob
TheHacker 6.2.92.258 2008.03.29 Trojan/DNSChanger.ik
Webwasher-Gateway 6.6.2 2008.03.29 Trojan.Zlob.72484
Stay away from this site.
Bharath M N
