Saturday, September 06, 2008

Fake Windows Media Player!

Here's a rogue website which fakes Windows Media Player. This time, gang behind these websites has given good amount of attention-to-detail for their fake Windows Media Player. This fake player initially tries to "search" for codecs in update.microsoft.com and then offers a codec (fake, obviously!) for download. Here are some of the screenshots of fake player:







The codec is named as Megazcodec and is hosted at http://megazcodec.com. Megazcodec is yet another Zlob/DNSChanger variant; however it is not well detected as of now. The VirusTotal report is as shown:

File megazcodec.v3.104.exe
AntiVir 7.8.1.28 - TR/Dropper.Gen
BitDefender - Trojan.DNSChanger.VD
Ikarus - Win32.SuspectCrc
Sunbelt 3.1.1610.1 - Media Code, Inc (v)
Webwasher-Gateway - Trojan.Dropper.Gen


Complete VirusTotal scan result can be found here.

1 Comments:

Blogger Art said...

here is another fake

http://91.121.74.160/error/codec9.3.1/

9:52 PM  

Post a Comment

<< Home