Total Secure 2009 and Google search poisoning

Total Secure 2009 is one of the new batch of rogue security applications. The installer of Total Secure 2009 generally masquerades as a fake codec (Zlob!) and gets registered as a BHO for Internet Explorer. Here's a HijackThis entry for one such BHO:

O2 - BHO: Apaps - {EC748705-E0FD-4671-9AFF-890579E57450} - C:\WINDOWS\system32\gaspt.dll

This BHO poisons the Google search results, so that the first few results are always redirected to Total Secure 2009 download links. Here's an example of search result poisoning by the Total Secure 2009 dropper:

You can follow the steps given here to get rid of this malware.
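
As an added example (not part of the original post), the Python below parses the O2 lines of a HijackThis log and labels each BHO against the CLSID and DLL name from the entry quoted above. The sample log, the `allowlist` parameter and the two placeholder BHO entries are constructed for illustration.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# Indicators from the HijackThis entry quoted in the post.
KNOWN_BAD_CLSIDS = {"{EC748705-E0FD-4671-9AFF-890579E57450}"}
KNOWN_BAD_DLLS = {"gaspt.dll"}
MISSING = "(file missing)"  # suffix HijackThis appends when the DLL is gone

# O2 - BHO: <name> - {CLSID} - <path>
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<path>.+)$"
)

def parse_bhos(log_text):
    """Return one dict per O2 (Browser Helper Object) line in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if not m:
            continue  # not a BHO line (R0, O4, header text, ...)
        path = m.group("path")
        missing = path.endswith(MISSING)
        if missing:
            path = path[: -len(MISSING)].rstrip()
        entries.append({"name": m.group("name"), "clsid": m.group("clsid").upper(),
                        "path": path, "file_missing": missing})
    return entries

def triage(entries, allowlist=frozenset()):
    """Label each BHO 'known-bad', 'allowed' (upper-case CLSID in allowlist) or 'review'."""
    results = []
    for e in entries:
        if e["clsid"] in KNOWN_BAD_CLSIDS or basename(e["path"]).lower() in KNOWN_BAD_DLLS:
            verdict = "known-bad"
        elif e["clsid"] in allowlist:
            verdict = "allowed"
        else:
            verdict = "review"
        results.append((verdict, e["clsid"], e["path"]))
    return results

# Constructed sample: only the "Apaps" line comes from the post; the rest is made up.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Apaps - {EC748705-E0FD-4671-9AFF-890579E57450} - C:\WINDOWS\system32\gaspt.dll
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - C:\WINDOWS\system32\example.dll (file missing)
"""
```

Calling `triage(parse_bhos(SAMPLE_LOG), allowlist)` returns one `(verdict, clsid, path)` tuple per BHO; anything labelled `review` is simply not on the allowlist and still needs a human look.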

