My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Generic.XPL.ADODB

MEDIUM
MEDIUM
varies
(VBS.Psyme variants)

Symptoms

There are no obvious symptoms, except for unusual running processes.
See Technical description below.

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Patrik Vicol, virus researcher

Technical Description:

Variants of this trojan are written in VBscript or Javascript. It attempts to download from internet an executable, save it locally to hardisk (usually replacing a valid executable) and execute it.
It does this by exploiting a vulnerability in Internet Explorer (the ADODB.Stream object)

Previously, these threats were detected as Exploit.ADODB.Stream.Gen