2 Replies Latest reply on Jul 12, 2012 7:57 AM by sol

    Needing information regarding Trojan.HTML.Redirector.am (kapersky name)

    sol

      Can anyone give me some information on "Trojan.HTML.Redirector.am" ?

       

      I have a friend who works for another company that uses Kapersky protection for their client servers and has been experienceing hundreds of alerts for the past couple weeks.

       

      I have not seen this trojan or any variant of it in our organization. We use McAfee Enterprise of course and I do not see any reports in our ePO system regarding the HTML/Redirector vatiants and it appears no one else is experiencing it either so he has no guidance to what is happening.

       

      Any information would be appreciated.  And don't say his first mistake is not using McAfee...  lol  i already said that to myself..

        • 1. Re: Needing information regarding Trojan.HTML.Redirector.am (kapersky name)
          Hayton

          Many sightings of this on the web, but McAfee and Microsoft don't have any information on it. Until I find a VirusTotal listing that has Microsoft/McAfee detection names I don't know where to look for it (in the McAfee database anyway).

           

          The only information I found on the Microsoft site was HERE, and it's not very helpful.

           

          Message was edited by: Hayton on 12/07/12 03:00:49 IST
          • 2. Re: Needing information regarding Trojan.HTML.Redirector.am (kapersky name)
            sol

            Thank you Hayton. This was all I could find too. I know McAfee has it's own naming of HTML/redirector variants but no real information about it and I don't see where it has been as active as Kapersky is finding.

             

            The thought is maybe Kapersky is showing a false positive...  but one hates to brush off malicious code as a false positive.  I will see if I can find out what the file path is of these sightings. Maybe that will add something

             

            Message was edited by: sol on 7/12/12 7:57:49 AM CDT