Trojan

Win32:Downloader-PKU is a heuristic detection for a Trojan that will communicate with a remote hosts and download other malware. This kind of Trojan is used for a variety of purposes. Most common is to download threat such as password-stealing malware. It is also use to deploy other malware also from the same group. Other attackers may utilize this Trojan to download and install rogue software on the computer.

Read more

Win32/Sirefef.FY is a detection for a variant malware that belongs to a large group of rootkit Trojans. This multi-part family applies a stealth function to hide its presence on the infected computer. It also attempts to avoid detection from antivirus program that is installed on the target computer. It can conceal not only the files, but also the processes it is using while it exists on the computer.

Read more

Win32:Sirefef-PL [Rtk] is part of a multi-modular family of Trojan that has stealth capability to hide its presence on the infected computer. It will inject its code to valid Windows drivers and processes so that it runs everytime Windows starts. Different variants of this threat carry diverse functionalities. However, main goal of Win32:Sirefef-PL [Rtk] is to conceal its presence in order to carry on with its payload.

Read more

Win32:Atraps-PF [Trj] is a detection for Windows components that are compromised by malicious code. In other terms, this is called patching. The purpose of patching legitimate files varies. For an instance, a Trojan patches system files to run a code when Windows starts. Some embed harmful strings at the header of target files to disable certain programs.

Read more

Nginx is a free open source HTTP and proxy server. It may be also utilized as IMAP/POP3 proxy server. Nginx comes from a term EngineX was first released in 2004. To date, it is now used by almost 25 million web sites. In fact, nginx fuels high quality web sites including WordPress, CloudFlare, Netflix, Zynga, Pinterest, GitHub among others.

Read more

Trojan.Dropper.BCMiner is a detection for a series of computer Trojan that was made to drop and execute a program called BitCoin. If you are unaware of this software, it is a virtual online currency, which can be use to transact online. It is accepted globally as virtual tokens that can be exchange for goods and services at venue where it is honored.

Read more

JS:Banker-IC is a detection for a malicious JavaScript file that may steal sensitive data from infected computer. It normally spreads via spam email messages and compromised web sites. Trojan Dropper may also bring JS:Banker-IC into the computer by exploiting security flaw on the system. Instant messenger and social networking site are also observe to be spreading links that can lead victims to risky location.

Read more

Win32/Sirefef.FB.Gen is a module of Win32/Sirefef – a multi-part group of Trojan that controls infected user’s Internet browsing by redirecting search result to unknown web sites. It also tries to produce pay-per-click profit for its authors. Basically, main goal of Win32/Sirefef.FB.Gen is to drive traffic to a web site that can generate revenue via online ads. This family of rootkit Trojan covers several variants that act upon different functions. This includes downloading other malware, hiding its presence, and executing other payload.

Read more

Trojan:Win64/Sirefef.Y is a component of Win64/Sirefef family. A multi-component group of Trojans that manipulates infected computer’s Internet browsing activity. Commonly, it modifies the search result on victim’s PC and redirects it to Trojan location. It also hijacks Internet browser to generate pay-per-click advertising profit for its makers.

Read more