e, g, y, j, f, g, win, sys
Possible filenames:
eyfwin.dll, eyfsys.dll, eygwin.dll, eygsys.dll, ejfwin.dll, ejfsys.dll, ejgwin.dll, ejgsys.dll, gyfwin.dll, gyfsys.dll, gygwin.dll, gygsys.dll, gjfwin.dll, gjfsys.dll, gjgwin.dll, gjgsys.dll
It displays alert messages with popups that download WinDefender 2009 or IE-Security:
and alerts messages that redirect to fake online scanner.
It also modifies Google result, and drops Internet Shortcut on the desktop, Favorites, Start Menu: Cheap Pharmacy Online.url, Cheap Software.url, MP3 Download.url, Search Online.url, SMS Trap.url and VIP Casino.url
Use SmitfraudFix to remove the infection.
