Search

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_KILLAV.AQQ

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_DLOADR.AYJ

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_DROPPER.VKE

keys: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER

BAT_KILLAV.AXE

\Microsoft Security Center = HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center Svc = It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center AntiVirusDisableNotify =

PE_SALITY.BU

Modifications This file infector adds the following registry keys: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\policies\ system HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc It adds

MS Advisory (2794220) Vulnerability in Internet Explorer Could Allow Remote Code Execution

from attacks using these vulnerabilities. MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date IDF Compatibility CVE-2012-4792 1005297 Microsoft Internet Explorer CDwnBindInfo

TROJ_QUSARRATDL.B

HKEY_CURRENT_USER\Software\Microsoft\ Office\14.0\Word\ Security\ProtectedView DisableInternetFilesInPV = "1" (Note: The default value data of the said registry entry is "0" .) HKEY_CURRENT_USER\Software\Microsoft

TROJ_QUSARRATDL.A

\14.0\Word\ Security\ProtectedView DisableInternetFilesInPV = "1" (Note: The default value data of the said registry entry is "0" .) HKEY_CURRENT_USER\Software\Microsoft\ Office\14.0\Word\ Security

TROJ_BANLOAD.YZZ

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_BANLOAD.FYA

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_DISABLER.FYP

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_VILSEL.GR

\Run SusClientdetonador2 = "%System%\exploidwin.exe" Other System Modifications This Trojan adds the following registry keys: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE

BKDR_PUXADOOR.A

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_INJECT.LRA

registry keys: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT

TROJ_SPYEX.AE

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_CURRENT_USER\Software\Afqteuv\ 1926745233 It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1

TROJ_INJECTO.ABP

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_BANLOAD.GHO

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TROJ_BANLOAD.GIG

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

TSPY_KILLWIN.OC

\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows Defender HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\MRT HKEY_CURRENT_USER\Software\Microsoft\ Windows

Resources

Support

About Trend

Country Headquarters

Search

Resources

Support

About Trend

Country Headquarters

The Americas

Middle East & Africa

Europe

Asia & Pacific