Search
Keyword: htmlbagleq1
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after
\xd5\x01" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 SessionHash = "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1
/CREATE /TN "gpumGFMFZzz" /SC once /ST 13:31:37 /F /RU "{username}" /TR "rundll32 Userenv.dll,RefreshPolicy 1" schtasks /run /tn "gpumGFMFZzz" schtasks /DELETE /TN "gpumGFMFZzz" /F schtasks /END /TN
\Microsoft\ Windows\CurrentVersion\Uninstall\ Zoremov DisplayName = "PDFLeader" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Zoremov ApplicationVersion = "1" HKEY_CURRENT_USER
" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals bDisplayedSplash = "1
" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals bDisplayedSplash = "1
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
CVE-2008-5502 The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via
CVE-2008-5501 The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors
CVE-2008-5508 Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
Publisher = "MicrowindowSearch Inc." HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ MicrowindowSearch_is1 NoModify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion
" HKEY_CURRENT_USER\Software\VS Revo Group\ Revo Uninstaller Pro\General Ver4 = "4" HKEY_CURRENT_USER\Software\VS Revo Group\ Revo Uninstaller Pro\General VFR = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows
2008(64-bit), 2012(64-bit) and 10(64-bit).) It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Shared Tools\Proofing Tools\Grammar\ MSGrammar\3.0\2057 Options Version = "1
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This
Components\{4f645220-306d-11d2-995d-00c04f98bbc9} IsInstalled = "1" (Note: The default value data of the said registry entry is 1 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Active Setup\Installed Components\
{0944D16C-D0F4-4389-982A-A085595A9EB3}\MiscStatus HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{0944D16C-D0F4-4389-982A-A085595A9EB3}\MiscStatus\ 1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{0944D16C-D0F4-4389-982A-A085595A9EB3}\TypeLib
\ Notify\wminotify Asynchronous = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon\ Notify\wminotify Impersonate = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT
CVE-2009-0200 Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document
CVE-2009-3978 The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer