Threat Description

Briss

Details

Aliases:Briss, TrojanSpy.Win32.Briss
Category: Malware
Type:
Platform: W32

Summary



Briss is an spyware (intrusive advertising software) made by BlazeFind. It is usually installed to computers without any warning or notification to users. The main component is a BHO (Browser Helper Object) that creates a search toolbar in Internet Explorer's interface. The spyware is capable or auto-updating itself. It reports information about users' hard drives and operating system version to its maker, that is why we consider it a spying trojan.



Removal



For instructions on how to remove Briss spyware please visit this link:

http://www.blazefind.com/index.php?section=help-bar



Technical Details




Variant:TrojanSpy.Win32.Briss.H

The main Briss's file is an installer that drops 3 files into Windows System folder without any notice to a user. These files are:

a.exe
 jao.dll
 bridge.dll

Then the startup key for the bridge.dll file is added to the following key:

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]

This allows the dll to be loaded in memory during every Windows session. The dll file works from under Explorer.exe (main Windows component). The spyware connects to the www2.flingstone.com site and reports certain data. It can also download and install upgrades for itself.

When uninstalling Briss from Control Panel -> Add/Remove Programs, please select 'Bridge' and then click 'Change/Remove' button.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More