Exploit.HTML.Ascii.q

This malicious program exploits a vulnerability which enables a remote malicious user to modify the appearance of pages displayed in Internet Explorer and to evade content filtering due to incorrect interpretation of 8-bit ASCII symbols.

Without the knowledge of the user, the script can use an IFrame vulnerability (MS01-020) to download other files from the link shown below:

At the time of writing, this link was not working.

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

1. Delete the original exploit file (the location will depend on how the program originally penetrated the victim machine).
2. Delete all files from %Temporary Internet Files%.
3. Install Internet Explorer updates.
4. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).

This exploit uses a vulnerability in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HTML page. It is 512 bytes in size. It is not packed in any way.