Home / malwarePDF  

Trojan:JS/Dursg.I


First posted on 13 July 2010.
Source: SecurityHome

Aliases :

Trojan:JS/Dursg.I is also known as Trojan.JS.Dursg.BE (VirusBuster), TR/Script.430228 (Avira), Trojan.Script.430228 (BitDefender), Trojan.Searcher.107 (Dr.Web), Win32/Dursg.A (ESET), Trojan.JS.Dursg (Ikarus), Troj/JsInject-A (Sophos).

Explanation :

Trojan:JS/Dursg.I is a trojan that redirects web searches performed using the web browser Firefox and when a user performs key word searches in specific search sites.
Top

Trojan:JS/Dursg.I is a trojan that redirects web searches performed using the web browser Firefox and when a user performs key word searches in specific search sites. InstallationTrojan:JS/Dursg.I may be installed by other malware or by visiting a malicious webpage. It arrives in the computer as a Firefox mechanism that allows applications to add elements to the browser interface and is present as a file named "overlay.xul" or "timer.xul". Payload Redirects user searches When a user uses the web browser to conduct searches using certain search engines, the browser is redirected to the following servers: gewebsearch.com The following search engines are impacted by the trojan:

  • Google.com
  • Ask.com
  • Yahoo.com
  • AOL.com search


    • Analysis by Tim Liu

    Last update 13 July 2010

     

    TOP

    Malware :

    Family: