Hi
Read This Report
Latest Threats report 5
1. Trojan-GameThief.Win32.Taworm
Trojan-GameThief.Win32.Taworm is a Trojan horse that targets Windows operating systems. Trojan-GameThief.Win32.Taworm is able to propagate via unsolicited e-mails and malicious websites. On infiltrating a system, Trojan-GameThief.Win32.Taworm will download additional malware and negatively affect the performance of the infected machine. It is advisable to remove Trojan-GameThief.Win32.Taworm from an infected computer immediately after detection.
2. Trojan Downloader-CKT
Downloader.CKT is a Trojan, which although seemingly inoffensive, can actually carry out attacks and intrusions: screenlogging, stealing personal data, etc.
3. Backdoor.Win32.Turkojan
Backdoor.Turkojan is a malicious backdoor trojan that runs in the background and gives remote attackers access and control of the targeted computer system without the user's knowledge. Backdoor.Turkojan is able to steal passwords, log keystrokes, create screenshots, and control the affected computer system. Backdoor.Turkojan can compromise system integrity by making modifications to the system that enable the attacker to use it for malicious activities unknown to the user.
4. Trojan.Win32.Buzus
Trojan Win32 Buzus, also known as Trojan.Buzus, is one of the more dangerous Trojans. This is because, once Trojan Win32 Buzus installs itself on your computer, it opens a security hole that is used by hackers to access your personal information, including credit card and Social Security numbers. Consequently, Trojan Win32 Buzus should be removed immediately to avoid serious privacy problems. Note that the removal steps below apply to the Windows Vista and Windows Seven operating systems.
5. Trojan.Win32.Refroso
Trojan.Win32.Refroso is a destructive and malicious trojan designed to steal information from an infected system and send the compromised data to a remote server. Trojan.Win32.Refroso, or Trojan-Spy.Win32.VB, may open a security hole that allows the download and installation of malware programs onto an infected system. Aside from gathering system information, Trojan-Trojan.Win32.Refroso may initiate computer performance problems. Trojan.Win32.Refroso is a security risk and should be removed.
II. Policy Update of Sax2
1. HTTP_Trojan-GameThief.Win32.Taworm attempt to request data from the remote host
Type: Backdoor & Trojan
Description: This event is generated when the sax2 detects that the data identified by the following URLs was then requested from the remote web server:
http://www.baiduop0.com/1mg/am1.rar
http://www.baiduop0.com/1mg/am.rar
2. HTTP_Trojan downloader-CKT attempt to request data from the remote host
Type: Backdoor & Trojan
Description: This event is generated when the sax2 detects that the data identified by the following URLs was then requested from the remote web server:
http://p.winsoft1.com/http://p.winsoft1.com/receive/r_autoidcnt.asp?mer_seq=1&realid=up1&cnt_type=e1&mac=000000000000
http://p.winsoft1.com/http://p.winsoft1.com/receive/r_autoidcnt.asp?mer_seq=1&realid=up1&mac=000000000000
http://winsoft1.com/http://winsoft1.com/setup_b.asp?prj=1&pid=up1&mac=000000000000
http://winsoft1.com/http://winsoft1.com/setup.asp?prj=1&pid=up1&mac=000000000000
http://down.winsoft1.com/http://down.winsoft1.com/down/2/ckuk.exe
3. TCP_Backdoor.Win32.Turkojan attempt to send data to the remote host
Type: Backdoor & Trojan
Description: This event is generated when the sax2 detects that these data are sent to the remote host:
amsBAGLANTI?BAGLANTI?BAGLANTI?BAGLANTI?BAGLANTI?BAGLANTI?BAGLANTI?BAGLANTI?BAGLANTI?amsBAGLANTI?
4. SMTP_Trojan.Win32.Buzus attempt to send e-mail
Type: Backdoor & Trojan
Description: This event is generated when the sax2 detects that the sender or a recipient of the e-mail is invitations@twitter.com, e-cards@hallmark.com, resume-thanks@google.com, msdn@microsoft.com, or msoe@microsoft.com.
5. HTTP_Trojan.Win32.Buzus attempt to request data from the remote host
Type: Backdoor & Trojan
Description: This event is generated when the sax2 detects that the data identified by the following URL was then requested from the remote web server:
http://whatismyip.com/automation/n09230945.asp
6. TCP_Backdoor Bifrose attempt to send data to the remote host
Type: Backdoor & Trojan
Description: This event is generated when sax2 detected some suspicious traffic.
7. TCP_Backdoor Bifrose attempt to send data to the remote host
Type: Backdoor & Trojan
Description: This event is generated when sax2 detected some suspicious traffic, such as: D4A2 695F 7622 8E4A 0E12 1387 DBE6 3221 246A 8298 ED4F 5982 F8F5 80A0 25AE 7FE5.
With regards to AX3 SAX2, Intruder detection system.
Sincerely
Gurbinder Sharma
IT Professional
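The HTTP, SMTP and TCP events described in the policy update can be re-created as simple matching logic for checking proxy, mail or flow logs. The following is an added example, not part of the original report and not Sax2's own rule format; the event dictionary layout, the function names, and the two-occurrence threshold for the TCP marker are assumptions, and the sample events are constructed.

```python
from urllib.parse import urlsplit

# Indicators copied from the policy descriptions above; rule names follow the report.
HTTP_RULES = {
    "HTTP_Trojan-GameThief.Win32.Taworm": {
        ("www.baiduop0.com", "/1mg/am1.rar"),
        ("www.baiduop0.com", "/1mg/am.rar"),
    },
    "HTTP_Trojan.Win32.Buzus": {("whatismyip.com", "/automation/n09230945.asp")},
}
SMTP_RULE = ("SMTP_Trojan.Win32.Buzus", {
    "invitations@twitter.com", "e-cards@hallmark.com", "resume-thanks@google.com",
    "msdn@microsoft.com", "msoe@microsoft.com",
})
TCP_RULE = ("TCP_Backdoor.Win32.Turkojan", b"BAGLANTI?")

def match_event(event):
    """Return the rule names triggered by one event (hypothetical dict layout)."""
    hits = []
    proto = event.get("proto")
    if proto == "http":
        parts = urlsplit(event["url"])
        host = (parts.hostname or "").lower()  # hostname strips any port
        hits += [n for n, pairs in HTTP_RULES.items() if (host, parts.path) in pairs]
    elif proto == "smtp":
        addrs = {a.strip().lower() for a in [event["mail_from"], *event["rcpt_to"]]}
        if addrs & SMTP_RULE[1]:
            hits.append(SMTP_RULE[0])
    elif proto == "tcp":
        # The report shows the marker repeated; requiring 2+ hits is an assumption.
        if event["payload"].count(TCP_RULE[1]) >= 2:
            hits.append(TCP_RULE[0])
    return hits

def scan(events):
    """Map event index -> triggered rules, skipping events with no hits."""
    return {i: h for i, e in enumerate(events) if (h := match_event(e))}

# Constructed sample events (not captured traffic).
SAMPLES = [
    {"proto": "http", "url": "http://WWW.BAIDUOP0.COM:80/1mg/am1.rar"},
    {"proto": "http", "url": "http://whatismyip.com/"},
    {"proto": "smtp", "mail_from": "MSDN@microsoft.com", "rcpt_to": ["user@example.org"]},
    {"proto": "tcp", "payload": b"amsBAGLANTI?BAGLANTI?BAGLANTI?"},
    {"proto": "tcp", "payload": b"GET / HTTP/1.1\r\n"},
]

if __name__ == "__main__":
    for idx, rules in scan(SAMPLES).items():
        print(idx, rules)
```

The SMTP addresses belong to legitimate services, so a hit on that rule alone should be corroborated with the HTTP or TCP events before a host is treated as infected.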