antivirusprotection

Just another Today.com weblog

&
 

Jun 20 2007

Trojan-Downloader.JS.Weis.b-Technical details & Removal instructions.

Published by antivirusprotection at 7:35 am under Antivirus software, Viruses description Edit This

Aliases:
Trojan-Downloader.JS.Weis.b (Kaspersky Lab) is also known as: TrojanDownloader.JS.Weis.b (Kaspersky Lab), VBS/Psyme (McAfee),   Downloader.Trojan (Symantec),   JS/Psyme (Grisoft),   Exploit.ADODB.Stream.Gen (SOFTWIN),   VBS/TrojanDownloader.Psyme.NAF (Eset)

Description added    May 10 2007
Behavior                    TrojanDownloader
Technical details:
This is a Trojan downloader program. It is written in JavaScript. It can be found on web pages.
Payload:
The Trojan uses Microsoft.XMLHTTP to download a file from an address which is given as a parameter. This file will be saved using ADODB.Stream to C:\Program Files\Internet Explorer\
The file will then be launched for execution by a function which will vary in accordance with the version of Windows. Removal instructions:
-Delete the page with the malicious code, if it was launched from a local resource.
-Update your antivirus databases and perform a full scan of the computer.

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google
Possibly-related Articles:                                        (auto-generated)

Comments are closed at this time.

Trackback URI |

Some Today.com contributors may have received a fee or a promotional product or service from a manufacturer for promotional consideration, while others receive no consideration at all. Each contributor is responsible for disclosing any such promotional consideration.