Trojan distributing sites
Zlob Trojan Distributing site:
Site Name: Flwtool.com
IP Address: 77.91.231.183
Site Name: Flwapplication.com
IP Address: 85.255.120.107
DNS Changer Trojan Distributing site:
Site Name: Gigaticket.net
IP Address: 64.28.184.180
Trojan-Downloader Distributing sites
Site Name: Tmptmpservvv.com
IP Address: 58.65.238.34
The trojan installs the following Malicious BHO
O2 - BHO: EpsonToolBandKicker Class - {87FD33C2-7891-45D5-ACD1-7935F9AEA26B} - C:\WINDOWS\system32\epsondrv.dll
Site Name: Opaadownload.com
IP Address: 193.164.132.208
The trojan installs the following Malicious BHO
O2 - BHO: IESiteBlocker.NavFilter - {1AB6932F-92FE-42E6-870C-544AE458EA78} - C:\WINDOWS\system32\nvfilter.dll
Site Name: Getvcodenow.com
IP Address: 193.164.132.208
The trojan installs the following Malicious BHO
O2 - BHO: IE.Filter - {8B2AE9C0-1555-4C92-905A-531532F15698} - C:\WINDOWS\system32\iefltr.dll
These sites belongs to IE-defender family and the BHO is used to push IE-Antivirus which is a well documented rogue security application. For more information on malicious BHO's visit CastleCops
MediaTubeCodec Trojan Distributing site:
Site Name: Bestsoftware.cc
Site Name: Best-soft08.com
IP Address: 91.203.70.18
Trojan-Downloader-CodecPack Distributing site:
Site Name: Codecupgrade.com
IP Address: 74.50.117.84
All these sites are actively distributing Trojans, Stay away from all these sites.
Bharath M N
Site Name: Flwtool.com
IP Address: 77.91.231.183
Site Name: Flwapplication.com
IP Address: 85.255.120.107
DNS Changer Trojan Distributing site:
Site Name: Gigaticket.net
IP Address: 64.28.184.180
Trojan-Downloader Distributing sites
Site Name: Tmptmpservvv.com
IP Address: 58.65.238.34
The trojan installs the following Malicious BHO
O2 - BHO: EpsonToolBandKicker Class - {87FD33C2-7891-45D5-ACD1-7935F9AEA26B} - C:\WINDOWS\system32\epsondrv.dll
Site Name: Opaadownload.com
IP Address: 193.164.132.208
The trojan installs the following Malicious BHO
O2 - BHO: IESiteBlocker.NavFilter - {1AB6932F-92FE-42E6-870C-544AE458EA78} - C:\WINDOWS\system32\nvfilter.dll
Site Name: Getvcodenow.com
IP Address: 193.164.132.208
The trojan installs the following Malicious BHO
O2 - BHO: IE.Filter - {8B2AE9C0-1555-4C92-905A-531532F15698} - C:\WINDOWS\system32\iefltr.dll
These sites belongs to IE-defender family and the BHO is used to push IE-Antivirus which is a well documented rogue security application. For more information on malicious BHO's visit CastleCops
MediaTubeCodec Trojan Distributing site:
Site Name: Bestsoftware.cc
Site Name: Best-soft08.com
IP Address: 91.203.70.18
Trojan-Downloader-CodecPack Distributing site:
Site Name: Codecupgrade.com
IP Address: 74.50.117.84
All these sites are actively distributing Trojans, Stay away from all these sites.
Bharath M N
