Trojan.Srizbi Masquerades As Hillary Clinton Video

Recently it was discovered that a link to a Hillary Clinton video leads to the Trojan.Srizbi infection. With all of the hype and publicity of the upcoming election, hackers have joined the political world by masking Trojans and malicious files as a video link. The discovered link to download Trojan.Srizbi is usually sent as a spam message to multiple computer users. The subject of the spam message reads 'Hillary Clinton Full Video !!!' The link provided in the spam message actually redirects users to download a file named mpg.exe which contains the Trojan.Srizbi infection.

The source of the Hillary Clinton Video link comes from the google search path:
http://www.google.com/pagead/iclk?sa=3Dl&ai=3DRwGGv&num=3D96249&a=durl=http://canotajetrilly.com/[REMOVED]/rdown.php?PNDcx"=id=3D.

The actual malicious link is:
http://canotajetrilly.com/[REMOVED]/rdown.php?PNDcx"=id=3D.

It is advised that users to not use any of the above mentioned links as it may prompt the download and installation of Trojan.Srizbi which can lead to other malicious installs onto a users system. The actual downloader of the Trojan.Srizbi infection users a file named inst241.exe to perform the installation task. It is recommended that computer users immediately use a reputable spyware removal tool to delete any file associated with Trojan.Srizbi It is very difficult to manually remove Trojan infections because they may re-create at windows startup.

Tip: During this election season it may seem very tempting to click on a Hillary Clinton Video link. Hackers have purposely used this tactic to trick users into falling for their malicious trap. If you receive an email message containing the words or phrase stating 'Hillary Clinton Full Video' or any variation of the phrase it is a good chance that it may be a malicious link to the Trojan.Srizbi download. It is always a good practice to check the link source of any links provided in emails or search engine sites before clicking on the link.

About Trojan.Srizbi

Trojan.Srizbi is also known as Troj/RKAgen-A and Rootkit:W32/Agent.EA are all Trojan infections that can lead to other malicious file downloads and installations. Computers infected with Trojan.Srizbi are usually compromised to download configuration files send out spam messages from the following URLs:

208.72.169.22
208.72.168.143
208.72.168.250
abr.srizhopa.biz
bu.srizhopa.biz
www.konskyvolos.com
www.swinmaster.com
www.zaibek.com
www.ebobuilt.com

It is recommended to keep your anti-spyware and anti-virus solutions up-to-date with the latest definitions in order to prevent or remove the Trojan.Srizbi infection.