Blog for hpHosts, and whatever else I feel like writing about ....

Wednesday, 26 March 2014

ALERT: Green Tech Software LLC

... and the crapware just keeps on a' comin'

This one was found on bayfiles.net, and yep, they're fully aware of it (impossible to miss). See if you can spot the two problems here;

Spotted it? What do you mean no!

Seriously though, the first is far more obvious than the second, for those not used to being able to spot this rubbish. See that lovely little "bar" at the top? Well that's the blatantly obvious one. This leads to utorrent.descargar.es.

The second is the download button that err - isn't. These lead to crapware from Green Tech Software LLC, via 1phads.com and fishcod.com, and guess what it actually delivers ........ Yep, "Codec Performer".

Offending URLs:

hxxp://bayfiles.net/file/Skpl/TUtckf/Black_Crusade_The_Tome_of_Excess.7z
hxxp://utorrent.descargar.es/en/down.php?p=UK-1phads
hxxp://1phads.com/afu.php?zoneid=5900
hxxp://bayfiles.net/img/download-button-orange.png
hxxp://1phads.com/uban.php?r=Tc1XgxDYp_BM-gXutIXN9MMspZxoXRS2yszKditYRtrfw7iRJ3cTj09oGH1-EfJUxjJJ_I1l5mRlgQ1Mob9jvGHLzXjdw0vJSAHcIhbfja09KBkxLi3DuPGJIcoLkNaCCpcJBDkjCoMP72bbNArxTC16Wkd4oSOhB58UQquMP729wp5mkVUoa5ipNFi1ooBY5AUMUWg94JiHoHeq8wKo3Ungr3i8HVwSWNOcJ4yRoQXRbslWdoi9dH75z7ngmfBr
hxxp://1phads.com/ck.php?oaparams=2__bannerid=85744__zoneid=4082__OXLCA=1__cb=8b22970bfc__oadest=hxxp%3A%2F%2Fwww.clkads.com%2FadServe%2Faff%3Foid%3D7526%26pid%3D2556%26subid%3D%24{SUBID}
hxxp://1phads.com/ck.php?ct=1&oaparams=2__bannerid=85744__zoneid=4082__OXLCA=1__cb=8b22970bfc__oadest=hxxp%3A%2F%2Fwww.clkads.com%2FadServe%2Faff%3Foid%3D7526%26pid%3D2556%26subid%3D%24{SUBID}
hxxp://www.clkads.com/adServe/aff?oid=7526&pid=2556&subid=4946299328
hxxp://www.fishcod.com/lp/codecperformer/?v=28&cid=4225&clickid=00002556p9087732588
hxxp://www.fishcod.com/lp/codecperformer/v28/?v=28&cid=4225&clickid=00002556p9087732588
hxxp://www.appfusu.com/download4/$rfwebpA3I0UlnA0p?v=28&cid=4225&clickid=00002556p9087732588&cert=grts


IPs:

192.121.121.44
93.189.35.250
93.189.35.248
78.140.173.146
78.140.173.147
108.168.157.82
96.45.82.133
96.45.82.5
96.45.82.197
96.45.82.69

FYI, ALL download pages on bayfiles.net display the same rubbish, leading to the same crap you really don't want anywhere near your machine.

No comments: