Microsoft has released an updated Trojan detection
and removal tool to help PC users clean up after the sophisticated
malware
attack that loaded keystroke loggers and other malicious code on
infected systems.
The 118 KB
removal tool has been programmed
to remove the payload delivered by the server-side Download.Ject Trojan.
The Download.Ject Trojan, also known as Scob, exploited vulnerabilities
in Microsoft’s IIS 5.0 servers and Internet Explorer (IE)
browser to distribute malware programs.
It started spreading late last
month after unknown attackers uploaded a small file with JavaScript to
infected Web sites running Microsoft IIS 5.0 servers.
A user visiting an infected site with IE automatically became infected
with the JavaScript, which triggered a download from a Russian Web site. The
download included Trojan horse programs like keystroke loggers, proxy
servers and other back doors providing full access to the infected
system.
On July 2, Microsoft
issued a security update
with PC configuration workarounds aimed at thwarting
the attack.
Now, as the cleanup continues, the software giant is urging customers to
use its updated removal tool to delete variants of the Trojan.
“Once the
tool has run, it automatically checks for infection and removes any targeted
Trojans that are found,” the company said.
The tool was created specifically to remove the Download.Ject Trojan and
will not detect or delete any viruses or worms.