Wednesday, July 23, 2008

Malware distributing sites

Malware distributing sites


Trojan-Downloader Distributing sites

Site Name: Iwillseethatvideo.com
IP Address: 91.203.92.53

The Trojan installs the following Malicious BHO

O2 - BHO: BHO.ext2 - {401F4B6B-3C36-4E8D-BC07-F46FC6D67D9A} - C:\WINDOWS\system32\ieflt.dll

Site Name: Comeforvidsoft.com
IP Address: 91.203.92.53

The Trojan installs the following Malicious BHO

O2 - BHO: search toolbar - {7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6} - C:\WINDOWS\system32\tbsrch.dll

These sites belongs to IE-defender family and the BHO is used to push IE-Antivirus which is a well documented rogue security application.

MediaTubeCodec Trojan Distributing site:

Site Name: Best-soft-maxi.com
Site Name: Best-freeware2008.com
Site Name: Soft2008freeware.com
IP Address: 91.203.70.18

Stay away from these sites.

Bharath M N

blog comments powered by Disqus