Search
Keyword: ms07047 windows media player 936782
CVE-2009-0086 Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP
CVE-2009-0550 Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet
CVE-2008-4255,MS08-070 Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002
An elevation of privilege vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run
\{random filename}.dat - detected also as BKDR_VAWTRAK.YJ %ProgramData%\{random filename}.dat - detected also as BKDR_VAWTRAK.YJ (For Windows Vista above ) (Note: %All Users Profile% is the All Users
Trojan:Win32/Bumat!rts, TrojanDownloader:Win32/FakeMS.B (Microsoft); [9.nsis]:FakeAlert-KG (McAfee); Trojan.ADH (Symantec); ARC:NSIS, [$PROGRAMFILES\Common Files\Windows Media Player\mscommon.dll
\Application Data on Windows 2000, XP, and Server 2003, or C:\Users\{user name}\AppData\Roaming on Windows Vista and 7.) Autostart Technique This spyware adds the following registry entries to enable its
\Application Data on Windows 2000, XP, and Server 2003, or C:\Users\{user name}\AppData\Roaming on Windows Vista and 7.) Autostart Technique This spyware adds the following registry entries to enable its
C:\Documents and Settings\{user name}\Application Data on Windows 2000, XP, and Server 2003, or C:\Users\{user name}\AppData\Roaming on Windows Vista and 7.) Autostart Technique This spyware adds the
and 64-bit), Windows Server 2008, and Windows Server 2012.) It does the following: Perform click-fraud Lock screen (see Notes for details) Send system information Update Adobe Flash Player It deletes
FTPVoyager Robo-FTP 3.7 SimonTatham PuTTY SmartFTP SoftX FTP Client Sota FFFTP South River Technologies WebDrive Staff-FTP TurboFTP UltraFXP VanDyke SecureFX Visicom Media WinFTP SFTP It gathers the following
Media\9.0\DECRYPT_INSTRUCTIONS.html %Application Data%\Microsoft\Windows Media\9.0\DECRYPT_INSTRUCTIONS.txt %User Profile%\Templates\DECRYPT_INSTRUCTIONS.html %User Profile%\Templates
Media\9.0\DECRYPT_INSTRUCTIONS.html %Application Data%\Microsoft\Windows Media\9.0\DECRYPT_INSTRUCTIONS.txt %User Profile%\Templates\DECRYPT_INSTRUCTIONS.html %User Profile%\Templates
and Settings\{user name} on Windows 2000, XP, and Server 2003, or C:\Users\{user name} on Windows Vista and 7.) Other System Modifications This Trojan deletes the following files: WINDOWS\MICROS~1.NET
UltraFXP VanDyke SecureFX Visicom Media WebDrive FTP Client (South River Technologies) WinSCP (Martin Prikryl) WinZip FTP (Nico Mak Computing) Wise-FTP WS_FTP (Ipswitch) GlobalSCAPE CuteFTP 9 It gathers the
(Note: %Application Data% is the Application Data folder, where it usually is C:\Documents and Settings\{user name}\Application Data on Windows 2000, Windows Server 2003, and Windows XP (32- and 64-bit);
Media Center.exe %All Users Profile%\Start Menu\Programs\Startup\Windows Update.exe - part of autostart technique %User Temp%\{random characters}\FOTOS\{Random Picture File Name}.jpg.pif %User Temp%\
\desktop.ini %Start Menu%\Programs\Remote Assistance.lnk %Start Menu%\Programs\Windows Media Player.lnk %Start Menu%\Programs\Accessories\Command Prompt.lnk %Start Menu%\Programs\Accessories\desktop.ini %Start
led users to a malicious site that automatically downloaded a fake Adobe Flash Player installer detected as TROJ_KELIHOS.DLR onto their systems. This Trojan connects to http://{BLOCKED}.{BLOCKED
Autostart Technique This spyware adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\RunOnce {Random