Keyword: htmlbagleq1
54331 Total Search   |   Showing Results : 841 - 860
  Previous   Next  
TROJ_CRYPWALL.TXK
%User Profile%\Cookies\wilbert@www.msn[1].txt = "68adfd" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\SystemRestore DisableSR = "1" Dropping
WORM_SUBLINK.B
\CurrentVersion\BITS It adds the following registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe
TROJ_OTOTI.FQA
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
Ransom.BAT.STOP.A
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Ransomware arrives on a system
TrojanSpy.MSIL.AZORULT.SMA
\vqLyduIscXWKuMfrma5.exe 1 "%Windows%\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"%User Temp%\iqss53d3.cmdline" "%Windows%\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"%User Temp
Trojan.Win32.INJECTOR.EPLCRM
HKEY_LOCAL_MACHINE\SOFTWARE\ControlSet001\ services\ItlsHKOT Type = 1 HKEY_LOCAL_MACHINE\SOFTWARE\ControlSet001\ services\ItlsHKOT ErrorControl = 0 HKEY_LOCAL_MACHINE\SOFTWARE\ControlSet001\ services\ItlsHKOT Start =
Trojan.Win32.INJECTOR.EPLCRM
145600.4 HKEY_LOCAL_MACHINE\SOFTWARE\ControlSet001\ services\ItlsOTN\Instances Flags = 0 HKEY_LOCAL_MACHINE\SOFTWARE\ControlSet001\ services\ItlsHKOT Type = 1 HKEY_LOCAL_MACHINE\SOFTWARE\ControlSet001
TSPY_DYRE.RF
\SYSTEM\CurrentControlSet\ Control\Lsa LimitBlankPasswordUse = "0" (Note: The default value data of the said registry entry is 1 .) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\Terminal Server
TROJ_KRYPTK.WJP
{AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals bDisplayedSplash = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\AVGeneral bLastExitNormal = "0" HKEY_CURRENT_USER
PE_FUJACKS.DE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Image File Execution Options\ rfwsrv.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Image File Execution Options\ ÐÞ¸´¹¤¾ß.exe
TROJ_BARYS.UW
{AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals bDisplayedSplash = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\AVGeneral bLastExitNormal = "0" HKEY_CURRENT_USER
TROJ_DROPPR.YYVY
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
TSPY_FAREIT.GQA
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
BKDR_SIMBOT.UKLI
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
TROJ_DELF.JFP
EYYFZFTGD = "XFQDNZCFR" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\SvcHost\ EYYFZFTGD CoInitializeSecurityParam = "1" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\XFQDNZCFR
CA CAM log_security() Stack Overflow
CVE-2005-2668 cve: Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute
Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2013-0640)
CVE-2013-0641,CVE-2013-0640 Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service
Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2013-0641)
CVE-2013-0641 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document,
PUA_Boxore.component
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
TROJ_DROPAUT.A
{AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals bDisplayedSplash = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\AVGeneral bLastExitNormal = "0" HKEY_CURRENT_USER