Can you spot the fake
Hopefully it should be easy to spot the fake ... at first I thought this was some kind of a Phishing site, but it appears they are using all the content from CNet's MP3 site for some unknown reason. Well other than to infect your system. As I mentioned before any time you see that warning "Remote Data Services Data Control" watch out! ... this is NOT from Microsoft! This is the generic warning IE7 throws up when an exploit is trying to enter the system.
The culprit is "nnew-adult(dot)info" (highlighted in red below) detected as: Win32/TrojanDownloader.Nurech.NAT ... which is already included in the HOSTS file. Both "get-it-fast" and "nnew-adult" are both hosted at "Rbusiness Network" which is well known for hosting malicious content and exploit sites.
As you can see the content of the bogus page is being entirely drawn from CNet. Also notice the "activex.microsoft.com" entries, this is what Windows generates when a prompt has been interrupted ... that's a good thing ... I'm going to try and contact someone at CNet and see if they will drop Rbusiness Network a friendly little note ...