Virus:Trojan-Downloader.JS.Psyme.bs
Other versions: .am , .gy
| Detection added |
Feb 15 2006 |
| Update released |
Feb 16 2006 16:11 GMT |
| Description added |
Feb 05 2007 |
| Behavior |
TrojanDownloader |
This Trojan downloads other malicious programs. It is written in JavaScript. It is found in web pages or compiled CHM files. Payload When a page containing the malicious code is opened, the Trojan will use the Microsoft.XMLHTTP ActiveX object to download a file called eied_s7_cust.cab from http://www****t2.com/files/. This file will be saved as C:\eied_s7.cab, and will then be loaded into iFrame on the same page.
- Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
- Delete C:\eied_s7.cab
- Update your antivirus databases and perform a full scan of the computer ( download a trial version of Kaspersky Anti-Virus).
|