Summary
ThreatDV - Malware Filter Package #1462 (CONT) February 13. 2018
Details
15530: HTTP: Hamweq.gen1/Worm.AMGO Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15531: HTTP: Trojan-Spy.Win32.Zbot.ecnq Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15532: HTTP: Trojan-PSW.Win32.Agent.ozr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15535: HTTP: Win32/BitCoinMiner.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15536: HTTP: Worm/Sohanad.aim Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15537: HTTP: Trojan-PSW.Win32.LdPinch.awfp!A2 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15539: HTTP: Win32/Neshta.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15540: HTTP: Rogue.Win32/Winwebsec Install 3
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15542: HTTP: Win32/Bublik.B Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15543: HTTP: MAC OSX Trojan Campaign .jar file request 1
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15544: TCP: Trojan.Win32.Jorik.Yoddos.no Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15545: HTTP: W32/Chistudi Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15546: HTTP: Win32/SniperSpy Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15547: HTTP: W32/Banker.SPDE!tr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15548: HTTP: Win32/Spy.Banker.TXN Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15549: HTTP: Win32/VBInject.QW User-Agent (Sek8War)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15550: HTTP: Backdoor.Omerta Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15551: HTTP: Trojan.Mosucker-60 Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15552: HTTP: Backdoor.Win32.Nuclear.bz Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
16379: HTTP: Trojan-Downloader.Win32.Pher.iee Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
16381: HTTP: Trojan-Spy.Win32.Delf.dv User-Agent (HUIGEZI)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17607: HTTP: Backdoor.Win32.RShot.bbx User-Agent (ChineseAll)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17609: HTTP: Trojan.Win32.Pincav.cemf Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17610: HTTP: BScope.Trojan.Banker Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17611: HTTP: Win32/AgentBypass.gen!K Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17612: HTTP: Win32/Soft32Downloader.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17613: HTTP: PWS.Win32/Reveton.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17614: HTTP: Win32/Autoit.NJT Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17615: HTTP: TrojanDownloader.Win32/Banload.ACI Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17617: HTTP: Trojan.FirewallBypass.VqX@aCTjNMlb Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17618: HTTP: Trojan-Banker.Win32.Banker.ssqw Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17620: HTTP: Win32/Spy.Keydoor.D Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17621: HTTP: Win32/Delf.W Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17623: HTTP: Win32/ProxyChanger.EI Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17625: HTTP: Trojan.Win32.Workir.yf Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17627: HTTP: W32/Jorik_Steckt.N!tr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21366: HTTP: W32/LockScreen Scareware User-Agent (MSlE 6.0)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21367: HTTP: Trojan.DownLoader5.46426 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21368: TCP: W32.Virut.CF CnC traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21369: TCP: Trojan.Win32.Swisyn.aqjp Keep Alive
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21371: HTTP: /test.dll Access Possible Trojan.Win32.Sasfis.bqgl
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21372: HTTP: Trojan.Win32.Zapchast.ffs exe Download
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21373: HTTP: Trojan.Generic.KDV.545753 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21374: HTTP: Rogue.Win32/FakePAV Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21375: HTTP: PWS.Win32/Simda.gen!B checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21377: HTTP: Downloader.Darkmegi Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21378: HTTP: Ransom.EJ/Winlock.5857 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21379: HTTP: Backdoor.Win32/Simda.gen!A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21380: TCP: Trojan-Dropper.Win32.Agent.eoqo Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21382: HTTP: Win32/Kolilks.B Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21383: HTTP: Win32/Coswid.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21384: FTP: Worm.Win32/Juched.A Retrieving PE file via FTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21385: HTTP: Win32/Waledac.R Retrieving exe file
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21388: HTTP: TrojanDownloader.Win32/Begger.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21391: HTTP: Fraudpack-356/RogueAntiSpyware.XPAntivirus Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21392: TCP: Win32/Malex.gen!E Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21394: HTTP: Win32.Agent-AOCW Downloading a3x file
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21395: HTTP: HackTool.Win32.VKTools.na Checkin 3
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21396: SMTP: Trojan-Spy.BAT.ConnSteal!IK sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21453: SMTP: W32/Refroso.DZP!tr sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21457: HTTP: Trojan.Downloader requesting config to spearphishing campaign
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21458: HTTP: Downloader.Win32.Knigsfot.ev Download Request
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21459: HTTP: Trojan-Downloader.Win32.CodecPack.bajd Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21461: TCP: Win32/Zegost.AD CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21462: HTTP: PWS.Win32/Frethog.V checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21463: HTTP: PWS.Win32/Frethog.V requesting .exe file
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21465: TCP: Backdoor.Win32.Hupigon.nsn Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21466: HTTP: Trojan.Pakes-1518 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21467: HTTP: Trojan.Win32.Meredrop request
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21468: SMTP: Backdoor.Win32.Ciadoor.cfu sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21469: HTTP: Kraddare/OneScan FakeAV Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21470: HTTP: TR/Pasta.A.152 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21471: SMTP: Trojan-Banker.Win32.Banpaes.j Sending Info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21472: TCP: njRAT Outbound Inbound (infonj-q8)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23009: HTTP: Worm.Win32.AutoRun.btdp checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23010: TCP: Win32/Lybsus.A CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23011: HTTP: Backdoor.Win32.Simda.kv/Proxyier Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
23012: TCP: Hupigon.68562 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23013: HTTP: PWS.Win32/Sinowal.gen!Y/Torpig Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
23014: TCP: W32/Injector_Autoit.T CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23016: HTTP: Win32/Sality.AT Checkin 3
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23018: FTP: SpyEyes FTP Channel
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23020: UDP: Trojan/Pasta.rr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23021: TCP: Win32/Delf.DL Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23022: HTTP: W32.Philis.W Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23023: TCP: Win32/Dokstormac.B Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
24177: HTTP: Win32/Esfury.T Connectivity Check (sstatic1.histats.com)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
37565: HTTP: TrojanDownloader.Win32/Waledac.C Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39164: HTTP: Trojan-Banker.Win32.Banker.bitn Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39165: HTTP: Rogue.Win32/FakeRean Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39167: HTTP: Trojan-Downloader.Win32.Geral.xit Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39168: HTTP: Win32/Stoberox.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39169: HTTP: Backdoor.Win32.Hupigon Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39170: HTTP: Backdoor.Win32.Koutodoor.aihc Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39171: HTTP: Backdoor.Win32/Hostil.gen!A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39174: HTTP: Net-Worm.Win32.Bobic.bc Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39177: HTTP: Win32/Cleaman.G Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
39178: HTTP: Trojan-Clicker.Win32.VB.alu Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39179: HTTP: Dropper-FQE Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39180: HTTP: WinNT/Nagyo.C!rootkit Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39181: HTTP: Win32/Obvod.K Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39182: HTTP: PHP.Agent.cd Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39183: HTTP: Ransom.Win32.ZedoPoo.aac Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39184: HTTP: Backdoor.Win32.Hupigon.dpgy Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39185: HTTP: Win32/Malagent Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39186: HTTP: Win32/SpyVoltar.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39187: HTTP: Win32/SpyVoltar.A Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39188: HTTP: HackTool.MSIL.Flooder.gen Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39189: HTTP: W32/Downloader.BEMB.dropper Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39190: HTTP: Win32/Clidak.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39191: HTTP: Win32/Optix.X Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
Modified Filters (metadata changes only):
* = Enabled in Default deployments
14111: HTTP: General Downloader or Virut C&C Ack
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14142: HTTP: Delf HTTP Checkin (1)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14154: HTTP: Delf Checkin via HTTP (up)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14178: HTTP: Egspy Install Report via HTTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14318: HTTP: Daonol C&C Communication
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15114: HTTP: Pagesinxt Malicious Redirect
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15345: HTTP: RogueAntiSpyware Install
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15382: HTTP: BHO.Win32.Zwangi!IK Install
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15410: HTTP: Trojan-Banker.Win32.Banbra.anwx Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15438: HTTP: Trojan-Banker.Win32.Banker.boyb Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15445: HTTP: Trojan-Downloader.Win32.CWS.ef Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15484: HTTP: Worm.Win32/Heckyebo.B Reporting
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15499: HTTP: Win32/Bancos.AEW Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15509: HTTP: Win32/EyeStye.AE Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15522: HTTP: Ransom.Win32.Gimemo.qea Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15533: HTTP: Backdoor.Zemra Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15541: HTTP: W32/Scar.GKKK!tr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
16380: HTTP: Backdoor.Win32.Poison Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
17236: HTTP: Downloader.VB.CEJ HTTP Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
17565: HTTP: Likely Redirect to Exploit Pack
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21365: HTTP: Worm.Win32/VB.BN Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21376: TCP: Win32/Locotout.gen!A CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21386: TCP: Rootkit.Win32.Bootkor.ha CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21387: HTTP: W32.Philis.Q Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21393: TCP: Trojan-Downloader.Win32.Agent.tdzl Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21456: TCP: WORM_SDBOT.GEN-1 CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
* 22650: HTTP: Backdoor.MSIL.Scarlobot.A Runtime Detection
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Vulnerability references updated.
23017: TCP: SpyEye Socks Channel Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
23019: TCP: Win32/SSonce.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
25081: HTTP: Farfli User Agent Detected
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
37539: HTTP: Win32.Rorpian.A Checkin 1
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
39172: HTTP: Win32/Wadolin.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
39175: HTTP: Win32/Opachki.F Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
Removed Filters:
17616: HTTP: W32/Karagany.TK Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
21370: HTTP: Win32/Banker.AEA Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
21454: SMTP: Gen.Win32.SMTP-Mailer.!GW@aG6DWHbc sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15531: HTTP: Trojan-Spy.Win32.Zbot.ecnq Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15532: HTTP: Trojan-PSW.Win32.Agent.ozr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15535: HTTP: Win32/BitCoinMiner.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15536: HTTP: Worm/Sohanad.aim Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15537: HTTP: Trojan-PSW.Win32.LdPinch.awfp!A2 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15539: HTTP: Win32/Neshta.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15540: HTTP: Rogue.Win32/Winwebsec Install 3
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15542: HTTP: Win32/Bublik.B Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15543: HTTP: MAC OSX Trojan Campaign .jar file request 1
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15544: TCP: Trojan.Win32.Jorik.Yoddos.no Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15545: HTTP: W32/Chistudi Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15546: HTTP: Win32/SniperSpy Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15547: HTTP: W32/Banker.SPDE!tr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15548: HTTP: Win32/Spy.Banker.TXN Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15549: HTTP: Win32/VBInject.QW User-Agent (Sek8War)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15550: HTTP: Backdoor.Omerta Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15551: HTTP: Trojan.Mosucker-60 Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
15552: HTTP: Backdoor.Win32.Nuclear.bz Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
16379: HTTP: Trojan-Downloader.Win32.Pher.iee Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
16381: HTTP: Trojan-Spy.Win32.Delf.dv User-Agent (HUIGEZI)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17607: HTTP: Backdoor.Win32.RShot.bbx User-Agent (ChineseAll)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17609: HTTP: Trojan.Win32.Pincav.cemf Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17610: HTTP: BScope.Trojan.Banker Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17611: HTTP: Win32/AgentBypass.gen!K Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17612: HTTP: Win32/Soft32Downloader.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17613: HTTP: PWS.Win32/Reveton.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17614: HTTP: Win32/Autoit.NJT Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17615: HTTP: TrojanDownloader.Win32/Banload.ACI Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17617: HTTP: Trojan.FirewallBypass.VqX@aCTjNMlb Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17618: HTTP: Trojan-Banker.Win32.Banker.ssqw Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17620: HTTP: Win32/Spy.Keydoor.D Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17621: HTTP: Win32/Delf.W Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17623: HTTP: Win32/ProxyChanger.EI Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17625: HTTP: Trojan.Win32.Workir.yf Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
17627: HTTP: W32/Jorik_Steckt.N!tr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21366: HTTP: W32/LockScreen Scareware User-Agent (MSlE 6.0)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21367: HTTP: Trojan.DownLoader5.46426 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21368: TCP: W32.Virut.CF CnC traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21369: TCP: Trojan.Win32.Swisyn.aqjp Keep Alive
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21371: HTTP: /test.dll Access Possible Trojan.Win32.Sasfis.bqgl
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21372: HTTP: Trojan.Win32.Zapchast.ffs exe Download
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21373: HTTP: Trojan.Generic.KDV.545753 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21374: HTTP: Rogue.Win32/FakePAV Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21375: HTTP: PWS.Win32/Simda.gen!B checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21377: HTTP: Downloader.Darkmegi Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21378: HTTP: Ransom.EJ/Winlock.5857 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21379: HTTP: Backdoor.Win32/Simda.gen!A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21380: TCP: Trojan-Dropper.Win32.Agent.eoqo Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21382: HTTP: Win32/Kolilks.B Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21383: HTTP: Win32/Coswid.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21384: FTP: Worm.Win32/Juched.A Retrieving PE file via FTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21385: HTTP: Win32/Waledac.R Retrieving exe file
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21388: HTTP: TrojanDownloader.Win32/Begger.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21391: HTTP: Fraudpack-356/RogueAntiSpyware.XPAntivirus Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21392: TCP: Win32/Malex.gen!E Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21394: HTTP: Win32.Agent-AOCW Downloading a3x file
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21395: HTTP: HackTool.Win32.VKTools.na Checkin 3
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21396: SMTP: Trojan-Spy.BAT.ConnSteal!IK sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21453: SMTP: W32/Refroso.DZP!tr sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21457: HTTP: Trojan.Downloader requesting config to spearphishing campaign
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21458: HTTP: Downloader.Win32.Knigsfot.ev Download Request
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21459: HTTP: Trojan-Downloader.Win32.CodecPack.bajd Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21461: TCP: Win32/Zegost.AD CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21462: HTTP: PWS.Win32/Frethog.V checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21463: HTTP: PWS.Win32/Frethog.V requesting .exe file
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21465: TCP: Backdoor.Win32.Hupigon.nsn Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21466: HTTP: Trojan.Pakes-1518 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21467: HTTP: Trojan.Win32.Meredrop request
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21468: SMTP: Backdoor.Win32.Ciadoor.cfu sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21469: HTTP: Kraddare/OneScan FakeAV Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21470: HTTP: TR/Pasta.A.152 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21471: SMTP: Trojan-Banker.Win32.Banpaes.j Sending Info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
21472: TCP: njRAT Outbound Inbound (infonj-q8)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23009: HTTP: Worm.Win32.AutoRun.btdp checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23010: TCP: Win32/Lybsus.A CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23011: HTTP: Backdoor.Win32.Simda.kv/Proxyier Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
23012: TCP: Hupigon.68562 Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23013: HTTP: PWS.Win32/Sinowal.gen!Y/Torpig Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
23014: TCP: W32/Injector_Autoit.T CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23016: HTTP: Win32/Sality.AT Checkin 3
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23018: FTP: SpyEyes FTP Channel
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23020: UDP: Trojan/Pasta.rr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23021: TCP: Win32/Delf.DL Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23022: HTTP: W32.Philis.W Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
23023: TCP: Win32/Dokstormac.B Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
24177: HTTP: Win32/Esfury.T Connectivity Check (sstatic1.histats.com)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
37565: HTTP: TrojanDownloader.Win32/Waledac.C Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39164: HTTP: Trojan-Banker.Win32.Banker.bitn Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39165: HTTP: Rogue.Win32/FakeRean Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39167: HTTP: Trojan-Downloader.Win32.Geral.xit Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39168: HTTP: Win32/Stoberox.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39169: HTTP: Backdoor.Win32.Hupigon Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39170: HTTP: Backdoor.Win32.Koutodoor.aihc Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39171: HTTP: Backdoor.Win32/Hostil.gen!A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39174: HTTP: Net-Worm.Win32.Bobic.bc Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39177: HTTP: Win32/Cleaman.G Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
39178: HTTP: Trojan-Clicker.Win32.VB.alu Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39179: HTTP: Dropper-FQE Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39180: HTTP: WinNT/Nagyo.C!rootkit Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39181: HTTP: Win32/Obvod.K Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39182: HTTP: PHP.Agent.cd Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39183: HTTP: Ransom.Win32.ZedoPoo.aac Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39184: HTTP: Backdoor.Win32.Hupigon.dpgy Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39185: HTTP: Win32/Malagent Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39186: HTTP: Win32/SpyVoltar.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39187: HTTP: Win32/SpyVoltar.A Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39188: HTTP: HackTool.MSIL.Flooder.gen Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39189: HTTP: W32/Downloader.BEMB.dropper Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39190: HTTP: Win32/Clidak.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
39191: HTTP: Win32/Optix.X Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
Modified Filters (metadata changes only):
* = Enabled in Default deployments
14111: HTTP: General Downloader or Virut C&C Ack
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14142: HTTP: Delf HTTP Checkin (1)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14154: HTTP: Delf Checkin via HTTP (up)
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14178: HTTP: Egspy Install Report via HTTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
14318: HTTP: Daonol C&C Communication
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15114: HTTP: Pagesinxt Malicious Redirect
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15345: HTTP: RogueAntiSpyware Install
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15382: HTTP: BHO.Win32.Zwangi!IK Install
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15410: HTTP: Trojan-Banker.Win32.Banbra.anwx Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15438: HTTP: Trojan-Banker.Win32.Banker.boyb Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15445: HTTP: Trojan-Downloader.Win32.CWS.ef Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15484: HTTP: Worm.Win32/Heckyebo.B Reporting
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15499: HTTP: Win32/Bancos.AEW Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15509: HTTP: Win32/EyeStye.AE Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15522: HTTP: Ransom.Win32.Gimemo.qea Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15533: HTTP: Backdoor.Zemra Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
15541: HTTP: W32/Scar.GKKK!tr Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
16380: HTTP: Backdoor.Win32.Poison Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
17236: HTTP: Downloader.VB.CEJ HTTP Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
17565: HTTP: Likely Redirect to Exploit Pack
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21365: HTTP: Worm.Win32/VB.BN Checkin 2
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21376: TCP: Win32/Locotout.gen!A CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21386: TCP: Rootkit.Win32.Bootkor.ha CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21387: HTTP: W32.Philis.Q Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21393: TCP: Trojan-Downloader.Win32.Agent.tdzl Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
21456: TCP: WORM_SDBOT.GEN-1 CnC Traffic
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
* 22650: HTTP: Backdoor.MSIL.Scarlobot.A Runtime Detection
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Vulnerability references updated.
23017: TCP: SpyEye Socks Channel Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
23019: TCP: Win32/SSonce.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
25081: HTTP: Farfli User Agent Detected
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
37539: HTTP: Win32.Rorpian.A Checkin 1
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
39172: HTTP: Win32/Wadolin.A Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
39175: HTTP: Win32/Opachki.F Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
Removed Filters:
17616: HTTP: W32/Karagany.TK Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
21370: HTTP: Win32/Banker.AEA Checkin
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
21454: SMTP: Gen.Win32.SMTP-Mailer.!GW@aG6DWHbc sending info via SMTP
- IPS Version: 3.7.0 and after.
- NGFW Version: 1.1.1 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
