Exploit.HTML.Agent.AO( Trojan-Downloader.JS.Agent.bqv, JS/Exploit-Shell.gen, Mal/JSShell-B, JS_AGENT.AKNS )
SYMPTOMS: * The browser opens very slowly or crashes or* BitDefender shows a virus alert shortly after opening a webpage in the browser. TECHNICAL DESCRIPTION: This is a Microsoft TIF/TIFF exploit (MS07-055) that uses specially crafted .tif image files to allow remote code execution. The malware will download and execute on the infected computer the filehttp://www.gamerost.com/[removed]/npceok.exe, detected at the moment of this description as Trojan.Crypt.Delf.D. The operating systems vulnerable to this exploit are: Microsoft Windows 2000 SP4 Windows XP SP2 Windows Server 2003 SP1 Windows Server 2003 SP2 For more information about this exploit please visit: http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx Removal instructions: Please let BitDefender disinfect your files.ANALYZED BY: Boeriu Laura, virus researcher |
