SpywareGuide powered by Actiance Security Labs
Search SpywareGuide Database & Site
Home Access the Guide
List of Products List of Companies List of Categories
Tools
X-RayPC
Terms and Definitions
 
Full Name:
 Dropper.CSU Websearch   Read More
Type: Trojan
Also Known as: Critical Security Update Trojan Trojan.Dropper (Symantec) Trojan-Spy.Win32.Luhn.a (Kaspersky) TrojanDropper:FakeWinupdate (Sunbelt Spyware Research)
SG Index: 5 [Explain]
Removal tools: List of products that detect/remove/protect against Dropper.CSU:
  • IM, P2P control, malware prevention and web filtering in single appliance: Unified Security Gateway
    		•
    Category Description: Trojans are malicious applications that pose themselves as legitimate software in order to trick users to install them. Once on the victim's machine, it may run any number of malicious process to steal vital information or inflict damage to other software.
    Official Description: Has been spammed through email as a Critical Security update.

    Spammed email:
    Subject: Critical security update available

    Microsoft Security Bulletin MS05-039
    Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)
    Summary:
    Who should receive this document: Customers who use Microsoft Windows
    Impact of Vulnerability: Remote Code Execution and Local Elevation of Privilege
    Maximum Severity Rating: CRITICAL
    Recommendation: Customers should apply the update immediately.
    Security Update Replacement: None
    Caveats: None
    Tested Software and Security Update Download Locations:

    Affected Software:

    ? Microsoft Windows 2000 Service Pack 4 ? Download the update
    ? Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 ? Download the update
    ? Microsoft Windows XP Professional x64 Edition ? Download the update
    ? Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 ? Download the update
    ? Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems ? Download the update
    ? Microsoft Windows Server 2003 x64 Edition ? Download the update

    Non-Affected Software:

    ? Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME)

    Executive Summary:

    This update resolves a newly-discovered, privately-reported vulnerability. A remote code execution vulnerability exists in Plug and Play (PnP) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
    pqnelhleyy 266bb3ef 4fbec83c

    Conclusion: We recommend that customers apply the update immediately.

    ? 2005 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
    Comment: Microsoft DOES NOT email security update warnings to users.
    To learn about the Microsoft Security Bulletin MS05-039,
    Please visit this link.
    http://www.microsoft.com/technet/security/bulletin/ms05-039.mspx

    Drops Keylog-Sklog. http://www.spywareguide.com/product_show.php?id=2370

    The data file of logged keystokes can be sent to the malware author via FTP.
       
    Properties:
  •  Adds other software
  •  Connects to the internet
  •  Stealth Tactics
    		•

    Click here to leave feedback for this product
    Recent Modifications
    2012-5-10  NetSpy
    2012-5-1  Unclassified Adware/Spyware
    2012-4-11  Adult Networks/Services
    2012-4-11  CoolWebSearch
    2012-3-13  Misc. Exploits
    2012-2-24  Zango Times
    2012-2-24  About Blank
    2012-1-30  HostSeeker Toolbar
    2012-1-13  2000Cracks
    2012-1-13  7AdPower Dialer
    		 
    Company  | Site and Spyware FAQ
    © Copyright 2003-2011, Actiance, Inc. All rights reserved.   Privacy Policy