[just_jo]

طلع الفيرس دا يا جدعان هو عبارة عن جافا اسكربت فى موقع او منتدى

بيفعل نفسة عند وجود ثغرة vulnerabilities

ثم يحمل حصان طروادة من الانترنت على جهازك

معلومات اخرى هنا:
http://www.bitdefender.com/VIRUS-100....Psyme.UT.html

الفيرس اسمة:
Trojan.Downloader.Agent.YTX
او
Win32.Almanahe.D


الخطر= متوسط الخطورة

تاريخ اكتشافة = 2008 May 14

لكى تزيل الفيرس حمل الBitDefender 2008

إقتباس:

Trojan.VBS.Psyme.UTSpreading: medium
Damage: medium
Size: ~1KB
Discovered: 2008 May 14



SYMPTOMS:
Increased Internet activity.

TECHNICAL DE******ION:
This is a malicious Java******, that is part of a major attack that took place in first half of May 2008.

A visit to any compromised site is enough to get infected with this malicious ******. It will test for several components having vulnerabilities, and will insert IFRAME tags that will point to attacker's other malicious ******s:

"http://err.www4[...]/614.gif"
"http://err.www4[...]/real10.gif"
"http://err.www4[...]/bf.gif"
"http://err.www4[...]/lz.gif"
"http://err.www4[...]/real11.gif"
"http://js.ton[...]hoo.com/621252/ystat.js"

Vulnerabilities exploited by those ******s are:
(CVE-2007-1765) MS06-14
(CVE-2007-4816) Baofeng Storm MPS.StormPlayer
(CVE-2007-5722) GLCHAT.GLChatCtrl.1 ActiveX
(CVE-2007-5601) RealPlayer IERPCtl.IERPCtl.1

All those malicious ******s will download and execute trojans on your computer.
At the moment of analysis, those trojans are detected as:
Trojan.Downloader.Agent.YTX
Win32.Almanahe.D


Removal instructions:
Please let BitDefender delete your infected files.

ANALYZED BY:
Marius TIVADAR, virus researcher