Search
Keyword: usojan.ps1.powload.jkp
= "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc AntiVirusOverride = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc AntiVirusDisableNotify = "1" HKEY_LOCAL_MACHINE
\SharedDlls %System%\RICHTX32.ocx = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\SharedDlls %System%\Mscomctl.ocx = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion
Objects\{5CB02877-EFBC-4317-B608-9E24B11BAB40} NoExplorer = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ AppID\{09C554C3-109B-483C-A06B-F14172F1A947} (Default) = "escort" HKEY_LOCAL_MACHINE\SOFTWARE\Classes
CVE-2008-4068 Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass
"0" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\1 2001 = "0" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\1 2004 = "0
\Windows Media Player\5\4\2\a\d\e\6\b\3\6\d\0\f\1\0\a\2\1\6\e\b\5\5\9\8\5\d\d\7\4\e\e\autorun.inf\svchost.exe¡¡ (Note: %Program Files% is the default Program Files folder, usually C:\Program Files.) It
Windows Media Player DisplayIcon = "%Program Files%\DFX\WMP\Icons\dfx.ico" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ DFX for Windows Media Player NoModify = 1
%Program Files%\IEPro\ HKEY_LOCAL_MACHINE\SOFTWARE\IEPro ShowGrabPro = 1 HKEY_LOCAL_MACHINE\SOFTWARE\IEPro ver = 2.5.1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ IE7Pro
CVE-2009-0949 The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} NoExplorer = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ AppID\escort.DLL AppID = "{09C554C3-109B-483C-A06B-F14172F1A947}" HKEY_LOCAL_MACHINE\SOFTWARE
\Software\Yqshjvw HKEY_CURRENT_USER\Software\Yqshjvw\ 1926745233 It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1" HKEY_LOCAL_MACHINE
\ Auto Update AUOptions = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Shell Extensions Rrecord = "c39e" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Shell Extensions
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It modifies the affected system's HOSTS files. This prevents users from accessing certain websites. It deletes
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\TabbedBrowsing bProtectNewTabPageShow = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\TabbedBrowsing bProtectShowTabsWelcome = "0
The default value data of the said registry entry is {random values} .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Tracing\ Microsoft\Imapi Active = "1" (Note: The default value
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan modifies the affected system's HOSTS files. This prevents users from accessing certain websites. Installation This Trojan drops the following files: %system%\b.dll - detected by Trend
\goopdate.dll,-3000" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\Elevation Enabled = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\Elevation