 |
 |
|
|
|
||||||||||||||||
|
Home  Virus threats Security News Trojan advertises help but is reall... |
|||||||||||||||||||
|
Security NewsTrojan advertises help but is really malwareWed, 16 July 2008Tettnang, 16 July 2008 – Instead of a route planner or a template for applications, hostile websites are distributing malware which reroutes page views to alien servers and in doing this pop-ups advertising. The malware installs a local proxy which reroutes requests for many popular websites to the foreign server. The proxy is automatically configured in the web browser, such as Firefox or Internet Explorer. It first contacts the foreign server when a page is requested before loading the actual page. It is then able to read all transferred data and may even change it. The malware waits on the help pages of the Route Planner, Driving Schools or Clipart applications under names such as "Bewerbungstipps-Setup.exe" or "Fahrschule.exe" . Upon execution, the Trojan Horse installs files in a new program directory and also creates a file with the name "host.exe" in the Windows System Directory which activates every time the system is started. Avira recognises the malware as TR/Delf.Agent.ABC with the virus definition file in Version 7.00.05.128."
|
|
  Get comfortable up to the minute info from Avira as  |
|||||||||||||||||
|
|
|
||||||||||||||||||
Print this page
.gif)
