Re: Javascript exploit

From: "Ant" <not@xxxxxxxxxx>

| It will try to create the other names elsewhere if the above fails:
| Random numeric exe in c:\recycler, or user's temp directory.
| Random numeric exe prefixed with "sys" in root of current drive.
| ntdetect.exe in c:\ (the genuine MS ntdetect has a .com extenstion).
| Did you use a test machine or were you able to deobfuscate the
| Javascript? It's not as straightforward as some and, apart from being
| multiply encoded, will come out as garbage if you're unaware of the
| little trick the author used.

Test PC.

I am having it analyzed.