TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

591

592

593

594

595

596

597

598

599

600

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

600

Signature ID: 28024

MALWARE BetterInternet (randreco.exe) Vulnerability

Threat Level: Information

Signature Description: The systems are directed to a site that is capable of installing malwares in the systems.

Malwares are the software's that pass user's activities to external sites. Adware BetterInternet is a Browser Helper

Object that displays advertisements and downloads and installs files. This signature detects when packet has pattern

'randreco.exe'.

Signature ID: 28025

MALWARE Twaintech Download Vulnerability

Threat Level: Warning

Signature Description: The systems are directed to a site that is capable of installing malwares in the systems.

Malwares are the softwares that pass user's activities to external sites. Adware Twaintech is a Browser Helper Object

that displays advertisements and downloads and installs files. Aliases include Win32/Spy.BiSpy.C trojan[Eset],

Adware/Twain-Tech[Panda], Spyware/BetterInet[Panda], Adware/MultiMPP[Panda], Trojan.Win32.Keyhost.e

(Kaspersky AV), Adware-Searchcentrix [McAfee], Twain-Tech adware.

Signature ID: 28026

MALWARE Twaintech Reporting Vulnerability

Threat Level: Warning

Signature Description: The systems are directed to a site that is capable of installing malwares in the systems.

Malwares are the softwares that pass user's activities to external sites. Adware Twaintech is a Browser Helper Object

that displays advertisements and downloads and installs files, then it will collect browsing session information and

send(reporting) it back to the company's servers. Aliases include Win32/Spy.BiSpy.C trojan[Eset], Adware/Twain-

Tech[Panda], Spyware/BetterInet[Panda], Adware/MultiMPP[Panda], Trojan.Win32.Keyhost.e (Kaspersky AV),

Adware-Searchcentrix [McAfee], Twain-Tech adware.

Signature ID: 28027

Access to MALWARE Bonziportal site Vulnerability

Threat Level: Warning

Signature Description: BonziBuddy is an advertising-oriented spyware program (adware) for Microsoft Windows

operating systems. The systems are directed to a site that is capable of installing malwares in the systems. Malwares are

the softwares that pass user's activities to external sites. ConsumerWebWatch refers to BonziBuddy as a "Backdoor

Santa": a stand-alone program that have no links to adware networks or no ad-serving, but that collect information from

users. BonziBuddy can also connect and download arbitrary code from a server, which would then be executed on the

victim's system.

Signature ID: 28028

Bundleware Spyware Download Vulnerability

Threat Level: Information

Signature Description: Spyware is a program or software that resides on an infected computer and collects various

information about the users without their informed consent. Bunleware is spyware that continues to download other

viruses, worms, Trojans, etc. It downloads useless information onto user's computer, without user knowledge or

consent.