My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Trojan.Exploit.SSV

MEDIUM
MEDIUM
aprox. 350 bytes

Symptoms

The exploit doesn't have any obvious symptoms.
It exploits a vulnerability in the ActiveX control for the Snapshot Viewer for some versions of Microsoft Access. It downloads a file onto the affected computer which may be a piece of malware.

Removal instructions:

You can avoid further problems with this exploit by setting the "killbit" to this CLSID : {F0E42D50-368C-11D0-AD81-00A0C90DC8D9}. You can find out how to do this here : http://support.microsoft.com/KB/240797


Please let BitDefender disinfect your files.

Analyzed By

Daniel Chipiristeanu, virus researcher

Technical Description:

The malware exploits a vulnerability in the ActiveX control for the Snapshot Viewer present in some versions of Microsoft Access.

It downloads a file onto the affected computer which may be a piece of malware and uses this CLSID {F0E42D50-368C-11D0-AD81-00A0C90DC8D9}  that belongs to Snapshot Viewer for Microsoft Access. The vulnerability presents itself in the snapview.ocx found in different Microsoft Access packages and the standalone product.

The file is downloaded in an arbitrary path which means that it can use tricks to start itself at startup ( "Startup" folder - %Start Menu%\Programs\Startup" ).

You can find out more about this here.