Search
Keyword: usojan.ps1.powload.jkp
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
dbaf3ce3 = "/P////%%" HKEY_CURRENT_USER\Software\Optimizer Pro Language = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ Optimizer Pro_is1 Inno Setup: Setup Version = "5.5.3 (u)
NoExplorer = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ AppID\escort.DLL AppID = "{09C554C3-109B-483C-A06B-F14172F1A947}" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
CVE-2007-1863 cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a
\LocalService\AppData\Local\Packages\Microsoft.Office.Desktop_8wekyb3d8bbwe\LocalCache\Roaming %Program Files%\AxGlyph\Languages\1\RTF %Windows%\ServiceProfiles\LocalService\AppData\Local\Packages
\ Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96} usagestats = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Google\ Update path = "%Program Files%\Google\Update\GoogleUpdate.exe" HKEY_LOCAL_MACHINE\SOFTWARE
CVE-2008-5023 Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute
HKEY_CURRENT_USER\Software\AppDataLow\ AskBarDis\bar FFUpgrade = 0 HKEY_CURRENT_USER\Software\AppDataLow\ AskBarDis\bar HPOParam = HKEY_CURRENT_USER\Software\AppDataLow\ AskBarDis\bar Init = 1 HKEY_CURRENT_USER
entry is {random values} .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Tracing\ Microsoft\Imapi Active = "1" (Note: The default value data of the said registry entry is 1 .)
CVE-2011-3348 The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service
\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Tracing\ Microsoft\Imapi Active = "1" (Note: The default value data of the said registry entry is 1 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
CVE-2009-1098 Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
\MNTK1K67YO VhyE = "ad9e92f" HKEY_CURRENT_USER\Software\MNTK1K67YO Vle2 = "fvKr4YcIHEpf1Fc=" HKEY_CURRENT_USER\Software\MNTK1K67YO VhyK = "243" HKEY_CURRENT_USER\Software\MNTK1K67YO Vhy2 = "1" HKEY_CURRENT_USER
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Layers" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\ Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} NoExplorer = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ TypeLib\
CVE-2006-3277 The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a
\MiscStatus\ 1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{7CEF2F64-717E-4BE6-A817-8B7E2BEDF86F}\TypeLib HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{7CEF2F64-717E-4BE6-A817-8B7E2BEDF86F}\Version
{50C37E0A-2AEB-409D-9FDC-AFBF9C6A75E8}}_is1 DisplayVersion = "1.0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ {50C37E0A-2AEB-409D-9FDC-AFBF9C6A75E8}}_is1 NoModify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft