PDA

View Full Version : CWS Trojan



highsea
05-06-2004, 02:40 PM
I just pulled an all nighter cleaning my computer from this trojan. It hit me 5 days ago, and each time I thought I had it licked, it came right back.

The trojan places a hidden .DLL on the computer and a hidden registry entry to activate it. It is very difficult to remove.

It took a total of 7 different utilities, and several registry hacks in a specific sequence to remove. It was definitely not fun.

I urge everyone running Windows to doublecheck that you have the latest critical updates from Microsoft.

The trojan exploits Microsoft's Java VM, and any version prior to 5.00.3810 is vulnerable. To see what version you are running, open a command prompt and type jview.

-CM