My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Exploit.HTML.Agent.AO

LOW
MEDIUM
variable (above 2,6 KB)
(Trojan-Downloader.JS.Agent.bqv, JS/Exploit-Shell.gen, Mal/JSShell-B, JS_AGENT.AKNS)

Symptoms

* The browser opens very slowly or crashes or
* BitDefender shows a virus alert shortly after opening a webpage in the browser.

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Boeriu Laura, virus researcher

Technical Description:

   This is a Microsoft TIF/TIFF exploit (MS07-055) that uses specially crafted .tif image files to allow remote code execution. The malware will download and execute on the infected computer the file
              http://www.gamerost.com/[removed]/npceok.exe,
detected at the moment of this description as Trojan.Crypt.Delf.D.

   The operating systems vulnerable to this exploit are:
          Microsoft Windows 2000 SP4
          Windows XP SP2
          Windows Server 2003 SP1
          Windows Server 2003 SP2
   For more information about this exploit please visit:
         http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx