Saturday, August 30, 2008

IE Defender, Files Secure, Malware Bell, IE Antivirus, Total Secure 2009

IE Defender/Files Secure/MalwareBell/IE Antivirus/Total Secure 2009 Codec has been update, it installs a file with semi-random filename composed from a dictionary:
a, za, o, d, g, x, i, ui, y, c, p, w

Possible filenames are:
adic.dll, zadic.dll, odic.dll, agic.dll, zagic.dll, ogic.dll, axic.dll, zaxic.dll, oxic.dll, aduic.dll, zaduic.dll, oduic.dll, aguic.dll, zaguic.dll, oguic.dll, axuic.dll, zaxuic.dll, oxuic.dll, adyc.dll, zadyc.dll, odyc.dll, agyc.dll, zagyc.dll, ogyc.dll, axyc.dll, zaxyc.dll, oxyc.dll, adip.dll, zadip.dll, odip.dll, agip.dll, zagip.dll, ogip.dll, axip.dll, zaxip.dll, oxip.dll, aduip.dll, zaduip.dll, oduip.dll, aguip.dll, zaguip.dll, oguip.dll, axuip.dll, zaxuip.dll, oxuip.dll, adyp.dll, zadyp.dll, odyp.dll, agyp.dll, zagyp.dll, ogyp.dll, axyp.dll, zaxyp.dll, oxyp.dll, adiw.dll, zadiw.dll, odiw.dll, agiw.dll, zagiw.dll, ogiw.dll, axiw.dll, zaxiw.dll, oxiw.dll, aduiw.dll, zaduiw.dll, oduiw.dll, aguiw.dll, zaguiw.dll, oguiw.dll, axuiw.dll, zaxuiw.dll, oxuiw.dll, adyw.dll, zadyw.dll, odyw.dll, agyw.dll, zagyw.dll, ogyw.dll, axyw.dll, zaxyw.dll, oxyw.dll

It displays alert messages with popups that download Total Secure 2009:

Use SmitfraudFix to remove the infection.