cardello
Joined: 23 Jun 2006
Posts: 1
|
 Posted: 08/10/06 - 08:39 Post subject: |
 |
|
These fake service pack updates are part of Trojan Win32.Secdrop.HB. As I understood this is not a particularly dangerous kind but the trick it uses is interesting. Trojan itself is self-extracting RAR archive and contains html pages marked as update-sp1 to update sp-5 among else files. This one tries to lower Internet Explorer security settings and install adware. Html files are laded one at a time and are imitations of Microsoft’s XP Security and Privacy web page and loads extra scripts that are to install various adware from different domains. About removal of this, I found this info in connection with eTrust Antivirus, but I guess you can try using any other tool; AdAware, Spybot S&D, CCleaner, CounterSpy, new Windows tools…
|
|
