Keyword: usojan.ps1.powload.jkp
It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc AntiVirusOverride = "1
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
LoadAppInit_DLLs = "1" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Windows AppInit_DLLs = "%System%\jgsmkrj.dll" Dropping Routine This Trojan drops
"697513" HKEY_LOCAL_MACHINE\SOFTWARE 39012 = "Browser Warden" HKEY_LOCAL_MACHINE\SOFTWARE\Browser Warden SeenDate = "1407290582" HKEY_LOCAL_MACHINE\SOFTWARE\Browser Warden Seen = "1" HKEY_LOCAL_MACHINE
" HKEY_CURRENT_USER\Software\ESTsoft\ ALZip\Config AutoCloseExtract = "0" HKEY_CURRENT_USER\Software\ESTsoft\ ALZip\Config AutoTestResultType = "0" HKEY_CURRENT_USER\Software\ESTsoft\ ALZip\Config AutoTestType = "1
.NET Framework 4,Windows 7 for 32-bit Systems Microsoft .NET Framework 3.5.1,Windows 7 for 32-bit Systems Microsoft .NET Framework 4,Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework
CVE-2013-0633 Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and before 10.3.183.51 and 11.x before 11.2.202.262 on Linux allows remote attackers to
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Interface\{3C1ABA66-65EB-4135-A628-0A620468B07F}\TypeLib It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\MediaPlayerV1alpha6918\ Components Ie = "1
"92f50a7fda04c2fdf6fd4927f33c28f0" HKEY_CURRENT_USER\Software\k52zip\ setup tid1 = "140" HKEY_CURRENT_USER\Software\k52zip\ setup tid2 = "1" HKEY_CURRENT_USER\Software\k52zip\ setup id = "400" HKEY_CURRENT_USER\Software\k52zip
{APP VERSION}" -language="en" -uid="{UID}" -puid="{PUID}" -checkType="FirstScanComplete" -dsi="0" -msi="1" -apps="{PRODUCT CODE}:WZC" -r="7" -IPTNDelay="900" -parentHWND="204bc" It creates the following
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain
" -language="en" -uid="{UID}" -puid="{PUID}" -checkType="FirstScanComplete" -dsi="0" -msi="1" -apps="{PRODUCT CODE}:WZC" -r="7" -IPTNDelay="900" -parentHWND="204bc" It creates the following folders: %All Users
This Trojan executes then deletes itself afterward. Installation This Trojan drops the following copies of itself into the affected system: %System%\msnp2pmgr.exe (Note: %System% is the Windows
Profile%\Documents HKEY_CURRENT_USER\Software\Nico Mak Computing\ WinZip\directories ZipTempRemovableOnly = 1 HKEY_CURRENT_USER\Software\Nico Mak Computing\ WinZip\directories ZipTemp = %User Temp%
Systems (Microsoft .NET Framework 3.5.1),Windows 7 for 32-bit Systems Service Pack 1 (Microsoft .NET Framework 4),Windows 7 for x64-based Systems (Microsoft .NET Framework 3.5.1),Windows 7 for x64-based
CVE-2008-2785 Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in
NoExplorer = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ DealPly DisplayName = "DealPly" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ DealPly
CVE-2008-2119 Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote