Troj/JSShell-D is a Java script Trojan that attempts to exploit a buffer overflow vulnerability associated with certain browsers, to run a small amount of executable code.
This code then tries to download an executable file from a remote location and run it.
Troj/JSShell-D arrives by browsing web pages that contain the Troj/JSShell-D script, or link to the Troj/JSShell-D script.
Troj/JSShell-D may similarly arrive by viewing email messages containing HTML content.