Codec sites and why they exist
Landing on "sexy-party(dot)net" the visitor is presented with about 40 large clickable adult images (no other content) which if clicked redirects to another site (example) "fan-porn(dot)com" that urges the user to click here for free Movies. As I've pointed out many times before these "free movies" are more than you bargained for ...
Fortunately IE7 prevents the automatic loading of the Trojan.Codec file, because it certainly downloads without even clicking the "click here" link above ... IE6 users will not be so fortunate and should upgrade ...
There are hundreds of related sites that all contain the same redirect, and the visitor is usually infected with a Rootkit and a whole host of other malware. Lately the Antivirus detects are running sadly at about 30% ... so do not depend on your AV to catch these type infections.
What's worse the majority of these "Codec/Zlob" related sites are run by the same people. They register hundreds of new domains at a time to avoid detection or being shut down by their Hosting company. Now the folks at CastleCops (MIRT Team) do a good job of sending abuse reports to these ISPs trying to get these sites shut down.
The sad part is they (ISPs) may shut down these sites one-at-a-time, but they continue to allow the same people to just register another site and resume with their activities ...
As you can see above "hotelcodec(dot)com" existed for only a few days, then the traffic was picked up by "totalcodec(dot)com" then shut down, and on and on ... now it's "vivacodec(dot)com" ... all registered by the same person ... duh! If these hosting companied really wanted to make a difference they would not allow these guys to keep registering new sites.