Sophos

Troj/DocDrop-E

Aliases
  • Downloader-BCG trojan

Summary

 
Affected operating systems: Windows
Protection available since: 10 July 2008 02:08:36 (GMT)
Detected by: All Sophos products

More Information

Troj/DocDrop-E is spammed out as notice_<random number>.doc. The document file contains an embedded file called notice.pdf. The file notice.pdf is not a PDF document, but an executable file - detected as Troj/DocDrop-E.

Clicking on the embedded file notice.pdf generates a message box with the title "Adobe Acrobat Reader (tm)" and the message:

"Adobe Reader could not open the document because it is either not a supported file type or because the file has been corrupted (for example, it was sent as an email attachment and wasn't correctly decoded)."

This message box is generated by the embedded executable called notice.pdf and not by Adobe Reader.

Troj/DocDrop-E also drops the file:

<Local Settings>\Temp\msie.dat - detected as Troj/DocDrop-E

The file msie.dat attempts to download a file called q.exe, which is detected as Troj/DwnLdr-HCM.
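The mismatch described above, a file named notice.pdf whose content is a Windows executable, can be caught by comparing the claimed extension with the file's header bytes. The following is an added example, not Sophos code; it assumes the embedded object's bytes have already been extracted from the document, and the function names and sample bytes are constructed for illustration.

```python
import struct

def is_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew field points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def is_pdf(data: bytes) -> bool:
    # Acrobat-family readers accept the header anywhere in the first 1024 bytes.
    return b"%PDF-" in data[:1024]

def check_embedded(name: str, data: bytes) -> str:
    """Compare an embedded object's claimed extension with its real content."""
    ext = name.lower().rsplit(".", 1)[-1] if "." in name else ""
    if ext != "pdf":
        return "not checked"
    if is_pe(data):  # test PE first: a PE could carry a stray %PDF- string
        return "ALERT: Windows executable named as PDF"
    if not is_pdf(data):
        return "SUSPICIOUS: .pdf name without PDF header"
    return "ok"

# Constructed samples (not taken from any real file).
_hdr = bytearray(0x40)
_hdr[:2] = b"MZ"
struct.pack_into("<I", _hdr, 0x3C, 0x40)  # e_lfanew -> offset 0x40
SAMPLE_PE = bytes(_hdr) + b"PE\x00\x00" + b"\x00" * 20
SAMPLE_PDF = b"%PDF-1.4\n1 0 obj\n<< >>\nendobj\n"

if __name__ == "__main__":
    for label, blob in (("PE", SAMPLE_PE), ("PDF", SAMPLE_PDF), ("junk", b"MZ")):
        print(label, "->", check_embedded("notice.pdf", blob))
```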
