Keyword: URL
43774 Total Search   |   Showing Results : 2321 - 2340
thread performing its malicious routines. It also executes the legitimate file %System%\wdmaud.drv . This Trojan may connect to the URL liyanyanzy.{BLOCKED}2.org This Trojan does not have rootkit
TabProcGrowth = "0" HKEY_LOCAL_MACHINE\ SOFTWARE\ MICROSOFT\ Windows\ CURRENTVERSION\ URL SystemMgr = "Del" HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\ protected\AVP7\profiles\ Updater enabled = "0" Other Details
Extension} = %Application Data%\{Random File Name}.exe {Random Numbers} Other Details This Trojan displays the following message boxes: Security Tool Installed. It does the following: It connects to this URL
Manipulate system sound volume Open Web pages Read/Write/Delete registry values Record sounds using microphone Remove itself Send emails Start/Stop services Update itself It connects to the following URL to
voir absolument. Once an unsuspecting user clicks on the said video, it plays a YouTube video. It then triggers an automatic Like on Facebook for a malicious URL and displays the link on the wall of the
the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}esteward.com/css/Document1704.exe It saves the files it downloads using the following names:
HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion path = {malware file path}\{malware file name} Download Routine This Trojan downloads the file from the following URL and renames the file when stored in
Force terminate the following Processes: SpyTheSpy.exe TiGeR-Firewall.exe bavtray.exe Check if running under virtual machine Create a shortcut that will go to a specified url at every system startup Hide
the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}ipegauction.ca/wp-content/uploads/2014/07/p2104us77.exe It saves the files it downloads using
the file from the following URL and renames the file when stored in the affected system: https://{BLOCKED}ntravels.com/wp-content/uploads/2010/02/atlantis1-150x150.exe It saves the files it downloads
files are exhibited on the affected system. Other Details This Trojan deletes itself after execution. NOTES: This Trojan accesses the URL {BLOCKED}.{BLOCKED}.35.133:33136/0912us21/{Computer Name}/0/{OS
Modification This spyware modifies the Internet Explorer Zone Settings. NOTES: This spyware accesses the URL https://www.pinterest.com/pin/{BLOCKED}5416/ to retrieve the server IP address of fake login pages. It
information on the affected computer: Computer Name OS Version RAM NOTES: This backdoor pings the following URL to get its IP address where it connects to send and receive information from malicious user: file.
Spammers take advantage of the news regarding the supposedly merging of Skype, Hotmail, and MSN to lure users into downloading this malware. The spammed message includes a URL that points to this
file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components: fool twin Other Details This Trojan takes advantage of
the URL to report status and to receive data. It is capable of brute forcing Windows logon users via a list of passwords from the received data. Trojan:Win32/Tibrun.B (Microsoft), Trojan.Asprox.B
}p.sst1.info/files/nb1/index.html?{random} {URLs found in the downloaded file, index.html} It connects to the following URL as a notification for successful download routine. http://{BLOCKED}p.{BLOCKED}t1.info/files/nb1/success.asp?
downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. It downloads a possibly malicious file from a certain URL. The URL where this malware downloads
the Internet Explorer Zone Settings. NOTES: This Trojan may connect to the URL http://{BLOCKED}cription/gate.php to download the key used in encrypting the files. The .eml file where the malware may
\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following