Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Htmltrojanclicker.agent.a Trogan


  • Please log in to reply
2 replies to this topic

#1 RELOADED

RELOADED

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bahrain - East Riffa
  • Local time:11:17 PM

Posted 18 February 2007 - 12:16 AM

while i am browsing a forum ( My university IT forum ) i had this message that THREAT DETECTED :inlove: !!!

Posted Image

Hint: I am using NOD32 antivirus and detected the threat :thumbsup: .

I have a three questions :flowers: I hope that I get an answers for those questions ....

Question.1 Is my university IT forum become unsafe ? and should I warn the admin !!!

Question.2 My NOD32 capture the HtmlTrojanClicker.Agent.A Trogan. But can I say that I captured this trojan and it will not appear again to other members in the university forum while browsing ?

Question.3 What does the HtmlTrojanClicker.Agent.A Trogan Do Incase the antiviruse didnt detect it :trumpet:

sorry for the bothering and thx in advance :huh:

Good Luck To All
.
.
.

Edited by Zivinomir, 18 February 2007 - 12:18 AM.

No goal is worthy of our time and effort if all we are going to get out of it is an end result.
If I have been helping you and I don't reply within 48 hours, please shoot me a PM. Thanks.

BC AdBot (Login to Remove)

 


m

#2 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:09:17 PM

Posted 18 February 2007 - 05:17 AM

Download and scan with SUPERAntiSypware Free for Home Users

* Double-click SUPERAntiSypware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Udates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* When done, select "Scan for Harmful Software".
* There are three scanning options. Choose "Perform Complete Scan" and click "Next".
* When done, a Scan Summary will appear with potentially harmful items that were detected. Click "OK".
* Make sure they all have a checkmark next to them and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* Click Preferences and then click the statistics/logs tab.
* Click the dated log and press View log. A text file will appear so you can see the results.
* Select close to exit the program.
* Scan in SAFE MODE

After that, download DrWeb-CureIt & save it to your desktop. DO NOT perform a scan yet.

Reboot your computer in SAFE MODE using the F8 method.

Scan with DrWeb-CureIt as follows:

* Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
* Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
* Once the short scan has finished, Click Options > Change settings
* Choose the "Scan tab" and UNcheck "Heuristic analysis"
* Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
* Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
* When done, a message will be displayed at the bottom advising if any viruses were found.
* Click "Yes to all" if it asks if you want to cure/move the file.
* When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
* Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
* Save the DrWeb.csv report to your desktop.
* Exit Dr.Web Cureit when done.
* Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.

After that:
* Clean your Cache and Cookies in IE:

* Close all instances of Outlook Express and Internet Explorer
* Go to Control Panel > Internet Options > General tab
* Under Browsing History, click "Delete".
* Click "Delete Files", "Delete cookies" and "Delete history"
* Click Close below.

* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):

* Go to Tools > Options.
* Click Privacy in the menu..
* Click the Clear now button below.. A new window will popup what to clear.
* Select all and click the Clear button again.
* Click OK to close the Options window

* Clean other Temporary files + Recycle bin

* Go to start > run and type: cleanmgr and click ok.
* Let it scan your system for files to remove.
* Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
* Press OK to remove them.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,558 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:17 PM

Posted 18 February 2007 - 08:07 AM

"Trojan Clickers".

This family of Trojans redirects victim machines to specified websites or other Internet resources. Clickers either send the necessary commands to the browser or replace system files where standard Internet urls are stored (e.g. the 'hosts' file in MS Windows).

Clickers are used:
* To raise the hit-count of a specific site for advertising purposes
* To organize a DoS attack on a specified server or site
* To lead the victim to an infected resource where the machine will be attacked by other malware (viruses or Trojans)


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users