Malware distributing sites
Zlob Trojan Distributing site:
Site Name: Movieexternal.com
IP Address: 77.91.231.201
Site Name: Licensingvideo.com
IP Address: 85.255.120.107
DNS Changer Trojan Distributing site:
Site Name: Uinticket.com
IP Address: 64.28.184.181
Site Name: Uinticket.net
IP Address: 64.28.184.182
Trojan-Downloader Distributing sites
Site Name: Veryhodownload.com
IP Address: 58.65.238.34
The Trojan installs the following Malicious BHO
O2 - BHO: BHO.Filter - {4AD3A71E-8ED4-40F5-9A81-69245BDCBB75} - C:\WINDOWS\system32\inte_f.dll
These sites belongs to IE-defender family and the BHO is used to push IE-Antivirus which is a well documented rogue security application. Currently the trojan is distributing IE-Antivirus 3.3
Site Name: Movieexternal.com
IP Address: 77.91.231.201
Site Name: Licensingvideo.com
IP Address: 85.255.120.107
DNS Changer Trojan Distributing site:
Site Name: Uinticket.com
IP Address: 64.28.184.181
Site Name: Uinticket.net
IP Address: 64.28.184.182
Trojan-Downloader Distributing sites
Site Name: Veryhodownload.com
IP Address: 58.65.238.34
The Trojan installs the following Malicious BHO
O2 - BHO: BHO.Filter - {4AD3A71E-8ED4-40F5-9A81-69245BDCBB75} - C:\WINDOWS\system32\inte_f.dll
These sites belongs to IE-defender family and the BHO is used to push IE-Antivirus which is a well documented rogue security application. Currently the trojan is distributing IE-Antivirus 3.3
Following are the new sites that the rogue security application is using for its dirty work:
Site Name: Ie-antivirus-order.com
IP Address: 89.149.208.179
Site Name: Getieantivirus.com
IP Address: 58.65.238.34
Ref: Getieantivirus. com/ie-av.exe
MediaTubeCodec Trojan Distributing site:
Site Name: Maxibestsoft.com
IP Address: 91.203.70.18
Stay away from all these sites.
Bharath M N
