Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

HTML/Debeski

Feb 26, 2004 11:55PM PST

Date Discovered: 9/20/2003
Date Added: 2/27/2004
Origin: Unknown
Length: Varies
Type: Trojan
SubType: Script

This is generic detection of HTML files containing scripts that use the Windows Scripting Host ActiveX implementations which use harmful technique and/or code. AVERT received several samples which could be categorized as malicious or harmful, and were abusing a discovered exploit of running ActiveX objects which were "signed as safe".

Some of the samples received, execute cmd.exe to achieve different payloads. Some payloads include:

Accessing sites to download and execute malicious files
Display messages
Format drives
Delete files

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=101057

Discussion is locked