| ID | 149174 |
| Released | May 12, 2006 |
| Description Updated | Mar 13, 2007 |
Detection Availability
| FortiClient | |
|---|---|
| Extreme |
|
| FortiMail | |
| Extreme |
|
| FortiSandbox | |
| Extreme |
|
| FortiWeb | |
| Extreme |
|
| FortiADC | |
| Extreme |
|
| FortiIsolator | |
| Extreme |
|
| FortiDeceptor | |
| Extreme |
|
Threat Profile
Aliases:- JS/Agent.D!tr
- Trojan-Clicker.JS.Agent.d [KAV]
Java Script
Update History
| Date | Version | Detail |
|---|---|---|
| 2019-05-07 | 68.34600 | Sig Updated |
Refine Search
Threat Encyclopedia
JS/Agent.D!tr
Analysis
This JavaScript Trojan for Windows sytstems alters the home page value for Internet Explorer. The Java code instructions responsible monitor when a web page containing the home page changing script is closed. During closure, the Trojan alters the home page to point to the domain 'netster.com'.
Recommended Action
- check the main screen using the web interface to ensure the latest AV/NIDS
database has been downloaded and installed -- if required, enable the "Allow
Push Update" option
FortiClient systems:
- Quarantine/Delete infected files detected
FortiGate systems:
