v, c, u, o, s, x, ext, it
Possible filenames:
vusext.dll, vusit.dll, vuxext.dll, vuxit.dll, vosext.dll, vosit.dll, voxext.dll, voxit.dll, cusext.dll, cusit.dll, cuxext.dll, cuxit.dll, cosext.dll, cosit.dll, coxext.dll, coxit.dll
It displays alert messages with popups that download WinDefender 2009 or IE-Security:
and alerts messages that redirect to fake online scanner.
It also modifies Google result, and drops Internet Shortcut on the desktop, Favorites, Start Menu: Cheap Pharmacy Online.url, Cheap Software.url, MP3 Download.url, Search Online.url, SMS Trap.url and VIP Casino.url
Use SmitfraudFix to remove the infection.
