Thank you for subscribing to Threat Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com To learn more about the capabilities of this filter set, please reference: TippingPoint Deployment Note: Threat Digital Vaccine (ThreatDV). SMS customers can update the malware filter set through the SMS client. Go to Profiles > Auxiliary DVs > Download to detect and load the latest update. |
System Requirements The malware filter package requires TOS v3.7.0.4200, NGFW v1.1.1.4200, TPS v4.0.0.4300, vTPS v4.0.1.4300 and higher. This filter package is supported only on the N and NX Platform IPS, NGFW, TPS and vTPS systems licensed for the ThreatDV (formerly ReputationDV) service. |
The Malware Filter Package can also be manually downloaded from the following URL: https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=malware&contentId=Malware_3.7.0_1604.pkg |
Update Details
Table of Contents
--------------------------
Filters
New Filters - 9
Modified Filters (logic changes) - 0
Modified Filters (metadata changes only) - 0
Removed Filters - 276
Filters
----------------
New Filters:
34854: SMTP: Trojan.MSIL.Samiilogge.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) 34855: HTTP: Trojan-Downloader.MacOS.Malxmloader.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) 34856: HTTP: Trojan.MSIL.Asquarste.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) 34857: HTTP: Backdoor.Win64.RisingSun.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployment: Not enabled by default in any deployment. 34884: SMTP: Trojan.MSIL.Qwersiaho.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) 34885: HTTP: Trojan-Downloader.MSIL.Picspliex.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) 34886: HTTP: Trojan-Downloader.MSIL.Eylinkfil.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployment: Not enabled by default in any deployment. 34887: HTTP: Trojan.MSIL.Shenderwhell.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployment: Not enabled by default in any deployment. 34888: HTTP: Backdoor.Win32.Slub.A Runtime Detection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) Modified Filters (logic changes): None Modified Filters (metadata changes only): None Removed Filters: 16158: HTTP: Trojan.Autoit.F Checkin 4 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16159: HTTP: Win32/Paramis.A Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16166: HTTP: Backdoor.Win32.Nbdd.bsj Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16167: HTTP: Backdoor.Win32.Nbdd.bsj Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16168: HTTP: W32/Agent.EW.gen Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16169: HTTP: W32/DelfInject.R Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16170: HTTP: W32/DelfInject.R Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16171: HTTP: W32/DelfInject.R Checkin 3 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16172: HTTP: TrojWare.Win32.Amtar.KNB Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16173: HTTP: TrojWare.Win32.Amtar.KNB Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16175: HTTP: Trojan-Downloader.Win32.Vivia.r Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16177: HTTP: Win32/Spy.KeyLogger.NTB Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16178: HTTP: Trojan.DownLoader9.48256 Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16179: HTTP: Win32/Phrewhid.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16180: HTTP: Win32/Phrewhid.A Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16181: HTTP: Win32/Spy.KeyLogger.NTB Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16182: IRC: Win32.Kespy.b IRC LOGIN - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16183: HTTP: Win32/TrojanDownloader.Agent.AJX Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16186: HTTP: Win32/TrojanDownloader.Agent.ALG Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16187: HTTP: Trojan.Win32.Cossta.gns Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16188: HTTP: Trojan-Downloader.Win32.Banload.cqhl Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16189: HTTP: Variant.Graftor.136459 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16195: HTTP: Backdoor.Win32.Agent.bg Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16197: HTTP: Win32/Tearspear.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16198: HTTP: Trojan-PSW.Win32.QQDragon.bq Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16200: HTTP: Win32/Chksyn.gen!A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16203: HTTP: Backdoor.Win32.Destrukor.20 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16210: HTTP: Win32/Agent.RNW Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16342: HTTP: Artro Downloader User-Agent Detected - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16343: HTTP: Win32/Daemonize Trojan Proxy Initial Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16345: HTTP: FakeAV Landing Page - Viruses were found - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16346: TCP: W32/DownloaderAgent.fajk Successful Infection CnC Beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16348: TCP: CommentCrew Possible APT c2 communications get system - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16349: HTTP: CommentCrew Possible APT c2 communications get command client key - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16352: HTTP: Trojan.Win32.FresctSpy.A User-Agent (MBVDFRESCT) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16355: HTTP: Onkods.A Downloader Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16356: HTTP: W32/SpeedingUpMyPC.Rootkit Successful Install GET Type CnC Beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16364: HTTP: Win32/Spy.Banker.AAQD Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16365: HTTP: Soraya C2 User-Agent - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16366: HTTP: Soraya C2 User-Agent (Vulture) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16367: HTTP: Soraya C2 User-Agent (xehanort321) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16369: HTTP: Backdoor.Win32/Etumbot.B Requesting RC4 Key - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16370: HTTP: Win32/Dogrobot Checkin on HTTP_PORTS - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16371: HTTP: Win32.Buzus.dxxe Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16372: HTTP: Generic.1246C1DD Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16373: TCP: Backdoor.Win32.Veebuu.BX Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16374: HTTP: Win32/Nosrawec.C Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16376: HTTP: TrojanDownloader.Win32/Delf.NK - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16377: HTTP: Win32/TrojanDownloader.Banload.QOR Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16378: HTTP: Win32/Bloropac Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16379: HTTP: Trojan-Downloader.Win32.Pher.iee Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16380: HTTP: Backdoor.Win32.Poison Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16381: HTTP: Trojan-Spy.Win32.Delf.dv User-Agent (HUIGEZI) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16382: HTTP: Win32/Opachki.I Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16383: HTTP: Win32/FakeMSA.gen!A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16385: HTTP: Backdoor.Win32.Asylum.013 reporting via ICQ WWW script - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16390: HTTP: W32/VBTrojan.Downloader.1D!Maxi Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16393: HTTP: Trojan/Win32.FraudPack User-Agent (Downloader MLR 1.0.0) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16396: HTTP: TROJ_PIDIEF.SMKX PDF Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16397: HTTP: Trojan.Win32.VB.cjzn Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16398: HTTP: Trojan/Downloader.Agent.gxth Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16399: HTTP: Win32/Tocoomu.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16402: HTTP: Backdoor.Win32.Rukap Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16403: HTTP: Win32.Induc.O Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16406: HTTP: Trojan.Win32.Swisyn.dcit Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16409: HTTP: Trojan-Downloader.Win32.Small.gri Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16416: HTTP: Trojan-PSW.Win32.QQShou.ch User-Agent - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16420: HTTP: Downloader (P2P Zeus dropper UA) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 16439: HTTP: Variant.Zusy.95263 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17219: HTTP: Dumador Reporting User Activity - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17221: SMTP: Banker.Delf Infection variant 2 - Sending Initial Email to Owner - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17232: HTTP: Win32.Agent.pt User-Agent Detected - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17233: HTTP: Prg Trojan HTTP POST version 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17236: HTTP: Downloader.VB.CEJ HTTP Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17238: HTTP: Virtumod/Agent.ufv/Virtumonde Get Request - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17239: HTTP: Piptea.a Related Trojan Checkin (3) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17247: HTTP: Win32/Nubjub.A HTTP Check-in - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17250: HTTP: Win32/InternetAntivirus User-Agent (Internet Antivirus Pro) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17252: HTTP: W32/Scar Downloader Request - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17253: HTTP: Sasfis Botnet Client Reporting Back to Controller After Command Execution - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17260: HTTP: Slugin.A PatchTimeCheck.dat Request - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17261: HTTP: SslCrypt Server Communication - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17277: HTTP: W32/TCYWin.Downloader User-Agent - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17279: HTTP: Backdoor.Win32.Ixeshe - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17288: HTTP: Pushbot User-Agent - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17306: HTTP: APT_NGO_wuaclt C2 Check-in - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17312: HTTP: Hangover Campaign Keylogger 2 checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17319: TCP: KeyBoy Backdoor Login - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17324: HTTP: Neutrino Exploit Kit Redirector To Landing Page - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17325: HTTP: Proxychecker Lookup - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17327: TCP: Gh0st_Apple Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17334: HTTP: Unknown EK Initial Payload Internet Connectivity Check - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17339: TCP: W32/FakeAlert.FT.gen.Eldorado Downloading DLL - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17340: HTTP: W32/Kbot.Backdoor Variant CnC Beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17341: HTTP: W32/Zeus.InfoStealer Infection Campaign Heap.exe Request - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17345: TCP: Win32/Tapazom.A - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17346: TCP: Win32/Tapazom.A 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17352: HTTP: Backdoor.Win32.Mecklow.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17356: TCP: PandoraRat/Refroso.bsp Directory Listing Sent To Server - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17359: HTTP: Miniduke Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17361: HTTP: Soraya C2 User-Agent (rhyno321) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17362: HTTP: Soraya C2 User-Agent (SBTCM) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17363: HTTP: Soraya C2 User-Agent (slayer) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17364: HTTP: Soraya C2 User-Agent (VHIbot/1.0) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17371: HTTP: EtumBot Ping - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17376: HTTP: Pandemiya User-Agent - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17377: TCP: Putter Panda 3PARA RAT initial beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17380: HTTP: Andr/com.sdwiurse - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17383: HTTP: Dyreza RAT Checkin Response - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17386: HTTP: Possible W32/VBKlip BAN Download - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17391: HTTP: BANKER.WIN32.BANBRA.BEEC Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17392: HTTP: CyberGate RAT User-Agent (USER_CHECK) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17393: HTTP: Safe/CritX/FlashPack EK Secondary Landing Jul 11 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17395: SMTP: Predator Pain Sending Data over SMTP - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17396: SMTP: Pain File Stealer sending wallet.dat via SMTP - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17398: HTTP: XPSecurityCenter FakeAV Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17400: HTTP: Win32/Swizzor User-Agent (Swizz03r) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17410: HTTP: OneLouder Common URI Struct - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17412: TCP: Archie.EK CVE-2013-2551 URI Struct - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17414: HTTP: Variant.Strictor Dropper - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17417: HTTP: Suspicious User-Agent (Asteria md5) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17421: TCP: Archie EK Secondary Landing Aug 24 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17423: HTTP: FlashPack EK Redirect Aug 25 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17424: HTTP: FlashPack EK Exploit Landing Aug 25 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17425: HTTP: Safe/CritX/FlashPack Java Payload - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17426: HTTP: BleedingLife EK Variant Aug 26 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17427: HTTP: Offensive Security EMET Bypass Observed in BleedingLife Variant Aug 26 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17429: HTTP: RIG EK Landing URI Struct - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17431: HTTP: FlashPack EK Redirect Sept 01 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17432: HTTP: HighTide trojan Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17435: HTTP: Astrum EK Landing - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17436: HTTP: Astrum EK Landing - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17440: FTP: TSPY_POCARDL.U Possible FTP Login - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17441: HTTP: DecebalPOS Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17442: HTTP: DecebalPOS User-Agent - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17446: HTTP: Nuclear EK Redirect Sept 18 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17447: HTTP: Nuclear EK Redirect Sept 18 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17448: HTTP: NewPosThings Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17450: HTTP: NewPosThings POST with Fake UA and Accept Header - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17470: IRC: Reply Sinkhole - irc-sinkhole.cert.pl - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17487: HTTP: OLDBAIT Checkin sptr - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17488: HTTP: OLDBAIT Checkin 2 brvc - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17489: HTTP: Sofacy HTTP Request adawareblock.com - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17490: HTTP: Sofacy HTTP Request adobeincorp.com - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17503: HTTP: Sofacy HTTP Request updatepc.org - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17506: HTTP: Sofacy HTTP Request checkmalware.org - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17508: HTTP: Sofacy HTTP Request msonlinelive.com - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17509: HTTP: FlashPack Payload Download Oct 29 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17510: HTTP: FakeSupport - Landing Page - Windows Firewall Warning - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17511: HTTP: FakeSupport - URI - windows-firewall.png - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17512: HTTP: FakeSupport - Landing Page - Operating System Check - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17513: HTTP: Likely SweetOrange EK Java Exploit Struct (JNLP) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17514: HTTP: Poweliks Abnormal HTTP Headers high likelihood of Poweliks infection - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17515: HTTP: Possible EITest Flash Redirect - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17528: HTTP: Job314 EK Landing Nov 10 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17538: HTTP: Malware Connectivity Check to Google - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17541: HTTP: SPL2 EK Landing Nov 18 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17542: HTTP: SPL2 EK Flash Exploit Nov 18 2014 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17544: HTTP: Rerdom/Asprox CnC Beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17547: HTTP: HTTP Request to a *.cvredirect.no-ip.net domain - CoinLocker Domain - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17550: HTTP: W32/Hyteod.Downloader CnC Beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17552: HTTP: W32/Coinminer.Backdoor CnC Beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17553: HTTP: W32/Wadolin.Downloader CnC Beacon - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17554: HTTP: Trojan/W32.KRBanker.60928.C Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17556: TCP: Backdoor.Win32.Remosh.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17557: HTTP: Backdoor.Win32.Mexbank.A Response - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17558: HTTP: Backdoor.Win32.Omexo.C Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17560: TLS: Backdoor.Win32.Badpuck.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17563: HTTP: Trojan.Win32.Socnet.A Activity - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17565: HTTP: Likely Redirect to Exploit Pack - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17566: HTTP: Win32.Phobiq Keylogger Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17567: HTTP: Virus Hunter FakeAV Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17568: HTTP: Trojan.Win32.SharkQWT.A Checkin 1 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17569: SMTP: ProRat Keylogger Infection Report via Email - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17570: HTTP: Generic Dropper/Trattraps Checkin 1 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17571: HTTP: Generic Dropper/Trattraps Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17572: HTTP: Generic Dropper/Trattraps Checkin 3 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17573: TCP: Win32.VBKrypt.gen Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17575: HTTP: Suspicious User-Agent (HTTPCSDCENTER) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17576: HTTP: PSW.Agent.wve Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17580: HTTP: Win32.TRDldr.VB.Acbi Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17582: HTTP: Suspicious User-Agent (BSC Agent) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17583: HTTP: Backdoor.Win32.Idicaf.B Checkin 1 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17584: TCP: Backdoor.Win32.Idicaf.B Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17585: HTTP: Suspicious User-Agent (ST3PS) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17586: HTTP: Generic.6214699 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17587: HTTP: Genome.cnqp Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17588: HTTP: Trojan-Downloader.Win32.Yakes.cbi Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17589: HTTP: W32/Infostealer.A!Maximus Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17590: HTTP: Trojan.Win32.Syswrt.dvd Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17591: HTTP: Generic.122EAAF6 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17592: HTTP: Win32/Startpage.QU Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17593: HTTP: Win32/Rimod Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17594: HTTP: Trojan.Generic.KDV.274800 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17595: HTTP: Application.Generic.379873 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17597: HTTP: Sasfis/Atraps.AVWU/AMTU.Proxy Contacting CnC via Google Translate - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17598: HTTP: W32/Gabpath.A.gen!Eldorado User-Agent (OCRecover) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17599: HTTP: Win32/Bofang.B Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17600: HTTP: Trojan.Win32.Scar.ekzu Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17601: HTTP: Trojan-PWS.Banker6 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17602: HTTP: Win32/Agent.CS Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17604: HTTP: Backdoor.Win32/Hanove.A User-Agent (SIMPLE) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17605: HTTP: Win32/Banker.ABU Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17606: HTTP: Trojan-Downloader.BAT.Banload.p Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17607: HTTP: Backdoor.Win32.RShot.bbx User-Agent (ChineseAll) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17609: HTTP: Trojan.Win32.Pincav.cemf Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17610: HTTP: BScope.Trojan.Banker Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17611: HTTP: Win32/AgentBypass.gen!K Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17612: HTTP: Win32/Soft32Downloader.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17613: HTTP: PWS.Win32/Reveton.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17614: HTTP: Win32/Autoit.NJT Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17617: HTTP: Trojan.FirewallBypass.VqX@aCTjNMlb Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17618: HTTP: Trojan-Banker.Win32.Banker.ssqw Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17620: HTTP: Win32/Spy.Keydoor.D Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17621: HTTP: Win32/Delf.W Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17623: HTTP: Win32/ProxyChanger.EI Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17625: HTTP: Trojan.Win32.Workir.yf Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17627: HTTP: W32/Jorik_Steckt.N!tr Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17628: HTTP: Trojan-Downloader.Win32.VB.woy Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17629: HTTP: Win32/FakePlus Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17630: HTTP: Variant.Barys.4238 User-Agent - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17631: HTTP: W32/DragonEye.C Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17632: HTTP: Downloader.Win32.Adload.cfms .exe file download - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17633: HTTP: Win32/Darksnow.A User-Agent (blackice/1.0) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17635: HTTP: Win32/Talsab.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17636: HTTP: PSW.Win32.OnLineGames.c Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17637: HTTP: Troj/FakeAV-GBS Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17638: HTTP: Trojan-Clicker.Win32.VB.gby Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17639: HTTP: Trojan-Banker.Win32.Banker.bamf Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17640: SMTP: PSW.LdPinch.NCB Reporting via SMTP - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17641: HTTP: Trojan.Win32.Agent.angq / Worm.Win32.Koobface Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17642: HTTP: Trojan.Fakealert Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17644: HTTP: W32/Daws.AKWI!tr Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17648: HTTP: Trojan-Downloader.Win32.IstBar.q Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17649: HTTP: Downloader.Win32.FraudLoad.jh Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17650: HTTP: Trojan-Downloader.Win32.Small.fg Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17651: HTTP: Backdoor.Win32/Gspy.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17653: HTTP: Xtrat/xRAT Checkin 3 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17655: HTTP: Win32/Tofumanics.C Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17656: SMTP: Backdoor.Win32/Netbus reporting via smtp - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17657: HTTP: Trojan.Win32.Agent.srma Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17659: HTTP: Trojan.Win32.Small.bci Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17660: HTTP: Trojan-Spy.Win32.KeyLogger.acqh Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17663: HTTP: Trojan.Letsgo Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17664: HTTP: Trojan.Foxy Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17667: HTTP: Win32/ProxyChanger.HO Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17668: HTTP: Win32/Obfuscator.XY requesting soft.xml - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17669: HTTP: Trojan.Generic.KDV.807443 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17670: HTTP: TR/Dldr.Delphi.Gen Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17673: HTTP: Trojan-Downloader.Win32.VB.gzui Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17674: HTTP: Post_show RAT checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17675: HTTP: Win32/Spy.Banker.QEP Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17676: HTTP: Win32/Zipdri.A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17677: HTTP: Win32/VB.ONY Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17678: HTTP: Trojan-Spy.Win32.NSM.a Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17679: HTTP: Trojan.Win32.Agent.dxc / BDS/Singu.DY Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17680: HTTP: Trojan-Clicker.Win32.AutoIt.bw Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17681: HTTP: Trojan.Autoit.F Checkin 3 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17682: HTTP: Trojan.Win32.Pincav.cngr Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17683: HTTP: Trojan-Ransom.Win32.Foreign.ehru Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17685: HTTP: Win32.Orsam/Cosmo Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17686: HTTP: Win32.Jorik.Agent.mi 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17689: HTTP: Trojan-Downloader.Win32.Agent.auv Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17692: HTTP: Trojan.Win32.Weelsof.pnn Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17693: HTTP: Win32/Sincom.Y Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17696: TCP: njRAT CNC - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17698: HTTP: TrojanSpy.Win32/Mafod!rts Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17699: HTTP: Worm/Win32.WhiteIce.gen Checkin 1 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17700: HTTP: Trojan-Dropper.Win32.Dapato.cvia Checkin 1 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17701: HTTP: Variant.Zusy.24405 Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17702: HTTP: Trojan-Dropper.Win32.Dapato.cvia Checkin 2 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17703: HTTP: Worm.Win32.AutoRun.bzxw Checkin 1 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17704: HTTP: Andr/DroidRt-A Checkin - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17708: HTTP: User-Agent (explwer) - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 17709: SMTP: Worm.Win32/Netsky.F@mm spreading via SMTP 5 - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 22955: TCP: Backdoor.Win32.Zmnada.A Activity - IPS Version: 3.7.0 and after. - NGFW Version: 1.1.1 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after.Top of the Page