My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Exploit.ADODB.Stream.BR

MEDIUM
MEDIUM
~904 bytes
(Exploit.JS.ADODB.Stream.y, Exploit:JS/MS06014, VBS.Psyme)

Symptoms

The computer gets (re)infected by malware simply by visiting websites.

Removal instructions:

Please let BitDefender delete the infected files. If the infected files are in the web browser cache and you can not remove them due to the real time protection, perform the following steps:

  • Deactivate the BitDefender real time protection
  • Empty your browser cache. This step can vary depending on what browser you use:
  • For Microsoft Internet Explorer - go to Start -> Control Panel -> Network and Internet Connections -> Internet Options and in the "General" tab click on the "Delete Files" button and click Ok in the confirmation dialog (Warning! Do not check "Delete all offline content" checkbox unless you know what you are doing). The deleting can take several minutes, depending on the number of items you have in your cache.
  • For Mozilla Firefox 2.0 go to Tools -> Clear Private Data (or press Ctrl + Shift + Del), deselect all but the Cache checkbox and press ok. Again the operation can take several minutes.
  • For Opera 9 go to Tools -> Delete Private Data, Press the Details button, uncheck all but the "Delete entire cache" checkbox and press delete
  • Reactivate the BitDefender real time protection
If you suspect that the security zones of Microsoft Internet Explorer have been tampered with by a malware, you can perform the following steps to reset it:

  • Go to Start -> Control Panel -> Network and Internet Connections -> Internet Options
  • In the "Security" tab select the Internet zone (selected by default)
  • Press the "Default Level" button
  • Press Ok to apply the settings.

Analyzed By

Attila Balazs, virus researcher

Technical Description:

If the security settings of Microsoft Internet Explorer are lowered (which can happen either with or without the knowledge of the user - for example the Trojan.Lowzone malware family does this), websites can use active scripting to download and execute arbitrary files on the clients computer, thus the computer can become infected with malware by simply visiting these sites. This signature detects such scripts.