Content
JS-FakeGoogle
- Type
- Trojan
- SubType
- Script
- Discovery Date
- 07/02/2008
- Length
- Varies
- Minimum DAT
- 5330 (07/02/2008)
- Updated DAT
- 5330 (07/02/2008)
- Minimum Engine
- 5.1.00
- Description Added
- 07/02/2008
- Description Modified
- 07/08/2008 11:51 PM (PT)
Tab Navigation
Characteristics
This detects on obfuscated iFrames which points to malicious sites where the user will unknowingly download and execute malware.
Network connections are made to the following domain names masquerading as Google:
- google-stat.net
- google-analystyc.com
Symptoms
- Unexpected network connections to the previously mentioned domains
Method of Infection
The script exists in HTML pages that are accessed by users.
Removal
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Variants
Variants
N/A
All Information
Overview -
This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.
Characteristics
Characteristics -
This detects on obfuscated iFrames which points to malicious sites where the user will unknowingly download and execute malware.
Network connections are made to the following domain names masquerading as Google:
- google-stat.net
- google-analystyc.com
Symptoms
Symptoms -
- Unexpected network connections to the previously mentioned domains
Method of Infection
Method of Infection -
The script exists in HTML pages that are accessed by users.
Removal -
Removal -
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Additional Windows ME/XP removal considerations
Variants
Variants -
N/A
