If you haven't heard, and apparently some of our readers haven't, in the course of trying to run videos on your system, you may be prompted to install what is really a phony video codec. One seems to be all the rage today and was at the very end of February, prompting the user to download and run "setup_axplugin.exe".
This setup file may have a cute avi file icon once it is downloaded, as though it is going to install an appropriate piece of software to display that wholesome video you're trying to view:
Setup_axplugin.exe drops and runs "sysockeu.exe" and a handful other files, which copies out "mywallpaper.bmp" and reconfigures your system and desktop to display the bitmap file, along with its bad grammar and mispellings that you saw in the first screenshot above:
"WARNING! YOU'RE IN DANGER! YOUR COMPUTER IN INFECTED WITH SPYWARE!"
In turn, these guys are attempting to convince the user to install and pay for what we have been calling Vundo, another piece of "Rogueware". It's a trojan that doesn't really clean up much of anything. From what we could tell, our clean lab systems that displayed this stuff weren't really putting us in much danger at all.
1 comments:
I come across the 'phony video codec' a couple times a day. Mostly from adult web sites.
Post a Comment