This Trojan downloads other files via the Internet and launches them for executionon the victim machine. The program is an HTML page which contains Java Scriptscenarios. It is 1432 bytes in size. The Trojan downloads a file from the URL shown below by exploiting a vulnerability(CVE-2006-1359) in the processing of "createTextRange" in Microsoft InternetExplorer: http://195.62.***.21/a.exe The Trojan saves this file to its working directory as shown below: %WorkDir%\a.exe The downloaded file will then be launched for execution. At the time of writing, the link was not active. If your computer does not have an up-to-date antivirus, or does not have anantivirus solution at all, follow the instructions below to delete the maliciousprogram: - Use TaskManager to terminate the process shown below:
a.exe - Delete the original Trojan file (the location will depend onhow the program originally penetrated the victim machine).
- Delete the following file:
%WorkDir%\a.exe - Delete all files from %Temporary Internet Files%.
- Install the latest patches for Microsoft Internet Explorer.
- Update your antivirus databases and perform a full scan of thecomputer (download a trial version of Kaspersky Anti-Virus).
Printed From:http://www.viruslist.com/en/viruses/encyclopedia?virusid=163672
Similar Virus/Threat >>
Trojan-Downloader.JS.Small.dz
This Trojan downloads other malicious programs from the Internet and launchesthem on the victim machine. It is a HTML page which contains a JavaScript scenario(HTML file). It is 5461 bytes in...
Trojan-Downloader.JS.Agent.sg
This Trojan downloads other files via the Internet and launches them for executionon the victim machine. It is an HTML page which contains Visual Basic Scriptand Java Script. It is 677 bytes in...
Trojan-Downloader.JS.Agent.crh
|
