Backdoor:Win32/Trubsil.B

Detected by Microsoft Defender Antivirus

Aliases: Worm.Win32.Luder.bsda (Kaspersky) winpe/Luder.EIF (Norman) SHeur4.BKLG (AVG) Worm/Luder.bsda (Avira) Trojan.Generic.9247830 (BitDefender) Worm.Siggen.10090 (Dr.Web) Win32/Delf.OMG (ESET) W32/Yakes.D!tr (Fortinet) Win32.Delf (Ikarus) Worm.Win32.Luder.bsda (Kaspersky) RDN/Generic.dx!ckl (McAfee) TROJ_SPNR.15GB13 (Trend Micro)

Summary

Windows Defender Antivirus detects and removes this threat.

This threat is a web-based backdoor that performs password-guessing attacks. It uses a list of user names and passwords that it downloads from a remote server.

It can also update itself and download other files, including malware.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

Microsoft Security Essentials or, for Windows 8, Windows Defender
Microsoft Safety Scanner

This threat attempts to steal your sensitive and confidential information to perpetrate fraud. If you believe that your personal financial information may have been compromised, please refer to the following advisory for additional advice:

What to do if you are a victim of fraud

The malware may steal your information by recording your usernames and passwords. After removal of the threat you should change your passwords. Please refer to the following advisory for tips on how to create and use passwords:

Create strong passwords

Backdoor:Win32/Trubsil.B

Summary

What to do now

Technical information

Threat behavior

Installation

Payload

Prevention

Symptoms

System changes