Search
Keyword: htmlbagleq1
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
%System%\ntsvc.ocx" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{E7BC34A3-BA86-11CF-84B1-CBC2DA68BF6C} ToolboxBitmap32 = "%System%\ntsvc.ocx, 1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\
This worm arrives by connecting affected removable drives to a system. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It drops
This worm is capable of backdoor commands. Depending on the commands received from the server, it may terminate processes related to security. It may also modify the contents of %System%\drivers\etc
This spyware may be downloaded by other malware/grayware/spyware from remote sites. It connects to certain websites to send and receive information. It deletes itself after execution. Arrival Details
\14.0\Word\ Security\ProtectedView DisableInternetFilesInPV = "1" (Note: The default value data of the said registry entry is "0" .) HKEY_CURRENT_USER\Software\Microsoft\ Office\14.0\Word\ Security
CVE-2010-2883 Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code
CVE-2006-5463 Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via
" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFiles0000 = "\x00\x00\x00FP\xef\xac\xbbM\xe5\x90\x90\xe9\x80\x80\x04
\RPjwpjJDSzBIraDCma5.exe 1 "%Windows%\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"%User Temp%\dcczfgcg.cmdline" "%Windows%\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"%User Temp
CVE-2014-0198 The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls,
CVE-2014-3466 Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial
LocalAccountTokenFilterPolicy = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Policies\ System EnableLinkedConnections = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Policies\ System
\0787E69677\winlogon.exe = RUNASADMIN HKEY_CURRENT_USER\Software\Policies\ Microsoft\Internet Explorer\Control Panel HomePage = 1 HKEY_CURRENT_USER\Software\Policies\ Microsoft\Windows\System DisableCMD = 1
\SOFTWARE\Microsoft\ Security Center\Svc HKEY_CURRENT_USER\Software\Wilbert914\ 1926745233 It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1
entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
\Components\ 6364F69515D55F943B4B3F3C669ECD32 00000000000000000000000000000000 = "%System%\sysfiles" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Installer\ Folders %System%\sysfiles = "1
\Systweak\ RegClean Pro\Version 6.1 utm_campaign = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Systweak\ RegClean Pro\Version 6.1 utm_medium = newbuild HKEY_LOCAL_MACHINE\SOFTWARE\Systweak\ RegClean Pro\Version 6.1 RCPURL
* charlie aa123456 Aa123456 admin homelesspa password1 1q2w3e4r5t qwertyuiop 1qaz2wsx sa sasa sa123 sql2005 1 admin@123 sa2008 1111 passw0rd abc abc123 abcdefg sapassword Aa12345678 ABCabc123 sqlpassword
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It steals certain information from the system and/or