Norton by default will have quarantined that file open norton to your reports and view the quarantined items and delete then run norton again thru you system - also you have the option to send the file for anaylsis ( good idea ) if Norton doesnt have anything for it as it will make them aware of it. Also microsoft have a patch available
JS.Menger.Worm
Discovered on: February 13, 2002
Last Updated on: April 15, 2002 05:17:24 PM
This is an Internet worm that is coded in JavaScript. The worm appears as a message in MSN Messenger that directs you to a Website which contained the code. This worm was hosted on a number of different sites.
Also Known As: JS/Exploit-Messenger, JS_MENGER.GEN, JS.CoolNow
Type: Worm
Virus Definitions (Intelligent Updater) *
February 13, 2002
Virus Definitions (LiveUpdate™) **
February 13, 2002
*
Intelligent Updater definitions are released daily, but require manual download and installation.
Click here to download manually.
**
LiveUpdate virus definitions are usually released every Wednesday.
Click here for instructions on using LiveUpdate.
Wild:
Number of infections: 50 - 999
Number of sites: 0 - 2
Geographical distribution: Low
Threat containment: Easy
Removal: Easy
Threat Metrics
Wild:
Medium
Damage:
Low
Distribution:
Medium
This script uses instructions specifically designed to manipulate the MSN Messenger program using a known vulnerability. Microsoft has released a patch for this vulnerability. The patch is available at:
http://www.microsoft.com/technet/sec.../MS02-005.mspx
The script contains instructions referencing the class object identification for creating a Messenger "object" and referencing the Messenger application. The script attempts to send a link to the worm code to other contacts within Messenger.
There was not any additional damaging code in the script code.
The script makes use of code first introduced in a tech forum on February 9, 2002.
