"TrojanDownloader.Agent.NAB"

hello all,

i had just opened the website h[I]tt[/I]p://nsl-school.org and my system got infected with "TrojanDownloader.Agent.NAB".

I did not get nod32 warning message.

i could not open my task manager

i could not edit my registry

can you tell me what is wrong? and how can anyone prevent this? and how to remove "TrojanDownloader.Agent.NAB"

NOD32 was already installed when i had opened this website, still i had faced this problem, can anyone tell me why?

 

NOD32 doesn't flag anything within that site, and I clicked on everything nor does Online Armor growl, or Regdefend, so I'm not sure what is going on.

Cheers

 

I've posted about this threat here: https://www.wilderssecurity.com/showthread.php?t=149069
NOD should detect it.

 

Dr.Web extension for Firefox pops up with this

 

Wow, thats nice of you to findout that its a javascript. do you think nod32 can fight this torjan easily? pls. advice.

 

These one is from the page of exploit prevention labs about this page.

 

hi,
i've took a look at the source of this web page. the page contain two vbs scripts that try to download two differents files from that web site. i manually download both files. nod32 detected the files as autoit.ab and killav. so, if you've nod32 up-to-date, there's no danger.
the vbs scripts downloaders aren't detected, however the downloaded things are detected.
anyway i'll submit the downloaders in order to have an extra protection.
i recommend delete the page as this contain malware

 

update: malicious downloaders codes are also detected by nod32. great work

 

Great job !

Sir_Carew , can you say how does NOD detect them , the names ? Thanks a lot !

 

Thanks for that sir_carew.

Cheers

 

thx sir_carew for letting us know it. NOD32 doing its job as always.

 

The malware names that NOD32 detected are the following:

1. HTML/TrojanDownloader.Agent.NAB trojan
2. Win32/KillAV.NBE trojan
3. Win32/Autoit.AB trojan

 

Thank you , sir_carew !