Do NOT download any installers from this website. Note that this program is a DNS Changer.
It pretends to be a browser add-on for viewing porn which is actually a Trojan Horse program.
CodecPretty.net
Virustotal Results:14/32 (43.75%)
My sample is CodecPretty1001.exe
AntiVir ------> HEUR/Malware
AVG ------> Downloader.Zlob.KF
BitDefender ------> Trojan.Zlob.BYQ
CAT-QuickHeal ------> Win32.Trojan.DNSChanger.abj
eSafe ------> Win32.DNSChanger.abj
Fortinet ------> W32/Zlobar.ADZ!tr
F-Secure ------> Trojan.Win32.DNSChanger.acv
Kaspersky ------> Trojan.Win32.DNSChanger.adz
Microsoft ------> Trojan:Win32/Alureon.gen!E
Prevx1 ------> Generic.Dropper.xCodec
Sophos ------> Troj/Zlobar-Fam
Symantec ------> Trojan.Zlob
TheHacker ------> Trojan/Downloader.Zlob.eie
Webwasher-Gateway ------> Heuristic.Malware
Domain Name: codecpretty.net
Status: ok
Registrar: ESTDOMAINS, INC.
Referral URL: http://www.estdomains.com
Expiration Date: 2008-09-21
Creation Date: 2007-09-21
Last Update Date: 2007-12-11
Name Servers:
ns1.codecpretty.net
ns2.codecpretty.net
IP Address: 64.28.184.188
Website Status: active
Server Type: Apache/2.0.59 (FreeBSD) PHP/5.2.1 with Suhosin-Patch
Cache Date: 2007-12-13 03:17:45 MST
No comments:
Post a Comment