1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Mancsyn File Download Activity

HTTP Mancsyn File Download Activity

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

W32.Mancsyn is a worm that spreads by exploiting the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (Bugtraq ID 8205). It may also download potentially malicious files on to the compromised computer.

Trojan.Mancsyn is a Trojan horse program that attempts to download remote files and contacts remote servers.

Additional Information

W32.Mancsyn is a worm that spreads by exploiting the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (Bugtraq ID 8205). It may also download potentially malicious files on to the compromised computer.

Trojan.Mancsyn is a Trojan horse program that attempts to download remote files and contacts remote servers.

Affected

  • Microsoft Windows XP

Response

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan.
4. Delete any values added to the registry.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube