- Security Center
- English ▾
- Contact Us
Size: 1838 bytes
Language: Java Script
Once an infected HTML page is opened, the Trojan executes the malicious script.
The Trojan adds the “click” and “onclick” event handlers to the page. Thus, the Trojan keeps track of clicks performed by a user on the HTML page, and then opens the web resource in a new browser window. The site’s URL is as follows:
The Trojan installs a cookie with the “popundr” name and the “1” value for the 24 hour period. Once the web resource is opened by clicking the link, it redirects a user to a porno web resource. Its URL is as follows:
If a “popundr” cookie has been already installed, the Trojan finishes its execution upon opening an infected page.
To delete a malicious program, proceed through the steps listed below: