Monday, September 22, 2008

IE Defender, Files Secure, Malware Bell, IE Antivirus, Total Secure 2009

IE Defender/Files Secure/MalwareBell/IE Antivirus/Total Secure 2009 Codec has been update, it installs a file with semi-random filename composed from a dictionary:
p, f, h, g, a, i

Possible filenames are:
pha.dll, phi.dll, pga.dll, pgi.dll, fha.dll, fhi.dll, fga.dll, fgi.dll

It displays alert messages with popups that download Total Secure 2009:

It also drops a new Internet Shortcut on the desktop: Free MP3 Search.url with VIP Casino.url

Use SmitfraudFix to remove the infection.