Aliases: Downloader.Trojan(Symantec), Mal/Psyme-A(Sophos), Trojan-Downloader.JS.Agent.di(Kaspersky), SPR/Crypt.DldrScr.2(Avira), VBS/Psyme(McAfee)

In the wild: Yes

Description: 

This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware:

• HTML_ADODB
• HTML_AGENT
• HTML_DLOADER
• HTML_IESLICE
• HTML_IFRAME
• HTML_PSYME
• HTML_SOHANAD
• JS_ADODB
• JS_AGENT
• JS_DLOADER
• JS_EXPLOIT
• JS_INJECT
• JS_JSSHELL
• JS_PADODOR
• JS_PETCH
• JS_PSYME
• JS_SMALL
• TROJ_AGENT
• TROJ_DLOADER
• TROJ_PSYME
• VBS_ADODB
• VBS_AGENT
• VBS_DELF
• VBS_DLOADER
• VBS_SMALL
• HTML_ADOSTREAM
• JS_Generic
• JS_STRAT
• JS_WONKA
• VBS_MUMAWOW
• VBS_PSYME

If your Trend Micro product detects a file under this detection name, do not execute the file. Delete it immediately especially if it came from an untrusted or an unknown source (e.g., a Web site of doubtful nature). However, if you have reason to believe that the detected file is non-malicious, you can submit a sample for analysis. Detailed analysis will be done on submitted samples, and corresponding removal instructions will be provided, if necessary.

For additional information about this threat, see:
Solution

Description created: Jul. 14, 2008 2:52:15 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.