Hi malware fighters,
HTTP Fake Codec WebPage
Location: htxp://www.adobe-update.co.cc/ finjan misses the detection…
This signature detects HTTP redirects and/or web pages which misleading applications use to attempt to lure users into downloading applications which may compromise the target host.
Misleading applications intentionally misrepresent the security status of a computer. Misleading applications attempt to convince the user that he or she must remove potentially malware or security risks (usually nonexistent or fake) from the computer. The application will hold the user hostage by refusing to allow him or her to remove or fix the phantom problems until the ‘required’ software is purchased and installed. Misleading applications often look convincing - the programs may look like legitimate security programs and often have corresponding websites with user testimonials, lists of features, etc.
Do not go there, beause Wepawet says: suspicious:
http://wepawet.iseclab.org/view.php?hash=b99553bade6583b859d66bc602e058d8&t=1277644122&type=js
Source of the fake codec: htxp://jsunpack.jeek.org/dec/go?report=bc44068feddda74cf82f8a1b06cc63e1d0bd333e
See attached image taken from the site in malzilla:
See other blocked site from Russian Fededration with the fake codec: http://hosts-file.net/?s=liveinternet.ru
LiveInternet @ Статистика, дневники, одноклассники, почта, знакомства, маркет
through a hidden link: # hidden Войти - htxp://www.liveinternet.ru/stat/
See the various malware description links given here at this page:
http://www.unmaskparasites.com/web-page-options/?url=http%3A//www.liveinternet.ru/stat/
polonus