Clickbot.A is a Trojan that obtains financial profit from fraudulent clicks on advertisements sponsored by a certain company, which in return does not get any visits to its website. In order to do so, Clickbot.A registers itself as BHO (Browser Helper Object), so that it activates whenever Internet Explorer is run. Clickbot.A provides several characteristics in order to update itself, notify its controller that it has affected the computer, start the fraudulent clicks on demand, etc. It does not spread automatically using its own means, but needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc. For further information on the Pay per Click legitimate model, click the following picture:  Clickbot.A exploits the Pay per Click model in the following way: |