Lavasoft News, September '06

Beware - Desktop Hijacks on the Rise Again
The Lavasoft Support Forums have been deluged with daily cries of help from victims of the "Smitfraud" desktop hijackers that are using fake codec to infect their prey.

Watch out for the Zlob Trojan that poses as a codec needed to view a video, then installs a fake virus and urges its victims to download a rogue anti-spyware program to remove it. Lavasoft has also confirmed that this malware takes advantage of unpatched systems using exploits on web pages. Visit Microsoft Update to ensure that ALL of your critical Windows security pages are updated.

Other victims have been infected by a fake e-card greeting, or even a spoofed e-mail that claims to be Windows Update (Microsoft never sends updates via e-mail). Still more unassuming victims received an e-mail asking them to open a link to see the message (these can be fake e-mails, intended only to infect), or even a link from your 'buddy' in instant messages - but don't trust it if you aren't expecting it. Even your buddy could be infected without his/her knowledge and the virus on their computer is sending you the link with one purpose, and one purpose only - to infect you!

A few of the fake codecs out there include:

emediacodec svideocodec
imediacodec v-codec
media-codec vidscodec
mediacodec zipcodec
Newvidscodec intcodec

We urge you to be aware and watch out for fake codecs. This is one of the favorite methods used by the authors of malware to lure you into downloading a file that infects your computer. If you receive a link for a video that says you need a certain codec in order to view it, be careful! Today, it could be a fake codec that is actually a Trojan just waiting to infect your system.

New variants are being released daily, even faster than Lavasoft receives new samples for detection. And because it does take time for due diligence on detection for the newer variants, it is important to remember that prevention is the key!

  • Watch what you download.
  • Be careful where you surf.
  • Do not openly trust attachments or links in e-mail and instant messages. Even your network of friends could be unknowingly forwarding a virus.
  • Be aware of "phishing", cleverly-crafted e-mails that look like they came from an official source like Microsoft, your bank, or some other official office. They often use links in their e-mails that lead to a third-party site (this is a choice avenue of infection).
  • Stay FAR away from cracks and warez sites - you are sure to receive infected files there.
  • More than half of p2p (shared) files are believed to be infected, so use a high level of caution when downloading shared files. The newest 'nasties' are easy to release through p2p files.

Home  arrow


Fun Forum FAQs
In August:
New topics: 707
Posts: 3,534
Views: 184,732
New member registrations: 1,853
Overall Stats:
Lavasoft has 8,041 registered members, a total of 15,499 posts, and the most users ever online was 1,291 on June 28, 2006, 11:11 AM
McAfee Plays Fair Again
And we quote, "Several products that were previously marked as incompatible will no longer be flagged (this includes Ad-Aware)." McAfee has patched their updated virus scan, and now both Ad-Aware SE and McAfee users are sighing with relief. Read more at McAfee's forum
Spy Sweeper Conflict Solved
As reported by one of our Lavasoft forum members in August, Webroot has updated Spy Sweeper and fixed all conflicts with Ad-Aware SE. Read more at the Lavasoft Forum
Ad-Aware SE Lands People's Choice Award, Yet Again!
The people have spoken! It's confirmed: Ad-Aware SE is a favorite among computer users around the world. Read more

Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg
Page footer