Trojan.Brojack is a Trojan horse that may hijack search result on the infected computer and redirect the browser to malicious web sites. This Trojan also modifies Internet settings and may install itself as a browser helper object (BHO). Moreover, it may delete any existing toolbar on the computer that it may sense to have conflict with its actions.
Alias: Trojan.Brojack!sd6, Trojan.Win32.Agent.aggi
Damage Level: Low
Systems Affected: Windows 9x, 2000, XP, Windows Vista
If the Trojan is executed, it will drop multiple files under Mozilla Firefox extension folder. These are harmless files that are needed to accomplish the tasks of the Trojan. Then, it registers itself as a browser helper object (BHO) for Internet Explorer. The threat also modifies the registry in which it will add and remove certain subkey. It may also input some entries for the execute the Trojan when Windows starts.
Trojan.Brojack also ends running processes containing strings such as googletoolbarnotifier, googleupdater, searchprotection and ytbb. The threat also crowds running processes that may degrade system’s performance or could lead to software malfunction.
Next, the Trojan will remove certain BHO that are present on the Internet browser to so that it can control browsing activity on the infected computer. This Trojan is also capable of logging all links visited by user and stores the data separately. To accomplish this task, it will drop a malicious Mozilla Firefox extension. It encrypts the data and sends it to a remote location.
After completing all necessary actions, Trojan.Brojack finally hijack search results for Internet Explorer and Mozilla Firefox. User’s requests are redirected to unwanted web site.