Keyword: microsoft security bulletin ms03-007
78644 Total Search   |   Showing Results : 441 - 460
  Previous   Next  
TROJ_DISABLER.MW
value data of the said registry entry is 0 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center FirstRunDisabled = "1" (Note: The default value data of the said registry entry is 1 .)
TROJ_INJECT.UT
" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\SessionSysapp\Parameter ServiceDll = "%System Root%\ProgramData\Microsoft\Windows\Sessionmzz.dll" HKEY_LOCAL_MACHINE\SOFTWARE\Security\ Svc SessionSysapp = "idle
PUA.Win32.AppBundler.C
Files%\INCAInternet\nProtect Online Security\coredll\armx64 %Program Files%\INCAInternet\nProtect Online Security\coredll\protect\x64 %All Users Profile%\Microsoft\Windows\Start Menu\Programs\INCAInternet
TROJ_FAKEAV.SMJZ
Security Platinum It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Installer\Products\{random key name} (Default) = "1" HKEY_CURRENT_USER\Software\Microsoft\ Windows
TROJ_FAKEAV.SMVU
HKEY_CURRENT_USER\Software\Microsoft\ Installer\Products\{random hex value} HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Live Security Platinum It adds the following registry entries:
TROJ_FAKEAV.DEJ
HKEY_CURRENT_USER\Software\Microsoft\ Installer\Products\{random hex value} HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Live Security Platinum It adds the following registry entries:
TROJ_FAKEAV.SMVS
HKEY_CURRENT_USER\Software\Microsoft\ Installer\Products\{random hex value} HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Live Security Platinum It adds the following registry entries:
TROJ_FKEALRT.SMJ
HKEY_CURRENT_USER\Software\Microsoft\ Installer\Products\{random hex value} HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Live Security Platinum It adds the following registry entries:
TROJ_FAKEAV.SMJU
HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Live Security Platinum It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Installer\Products\{random value} (Default)
Trojan.Win32.FASONG.WLDD
auto error= ignore REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce" /v "vkise" /t REG_SZ /d "%Program Files%\COMODO Internet Security\vkise.exe
TROJ_FAKEAV.IKV
\ Windows\CurrentVersion\Uninstall\ Live Security Platinum It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Installer\Products\6F638C62CEB36323FC436FFEE56C346D (Default) = "1
Local Security Authority Subsystem Service Integer Overflow Vulnerability
CVE-2009-2524 Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows
TROJ_WEBPREFI.CD
HKEY_LOCAL_MACHINE\SOFTWARE\Security\ CCmd HKEY_LOCAL_MACHINE\SOFTWARE\Security\ ExeCmd It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\cfeba netsvcs = "{random
TROJ_FAKEAV.FFK
\SharedAccess\Parameters\ FirewallPolicy\DomainProfile DisableNotifications = 1 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\SharedAccess Start = 4 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center
TROJ_FAKEALE.PJ
\SharedAccess\Parameters\ FirewallPolicy\DomainProfile DisableNotifications = 1 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\SharedAccess Start = 4 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center
PE_SALITY.JER
file: [MCIDRV_VER] DEVICEMB={random numbers} It adds the following registry keys: HKEY_CURRENT_USER\Software\{user name}914 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc HKEY_LOCAL_MACHINE
Cross-Site Scripting Vulnerability In Microsoft ISA Server And Forefront Threat Management Gateway (Medium Business Edition)
component, aka "Cross-Site Scripting Vulnerability." Microsoft Internet Security and Acceleration Server 2006,Microsoft Internet Security and Acceleration Server 2004,Microsoft Forefront Threat Management
TROJ_TDSS.ITW
entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run Windows defender = "%System%\Security\windows_update_security.exe
SALITY
letter}:\{malware file name}.exe Other System Modifications This file infector adds the following registry keys: HKEY_CURRENT_USER\Software\{random} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center
20-016 (March 31, 2020)
* indicates a new version of an existing rule Deep Packet Inspection Rules: DCERPC Services - Client 1010201 - Microsoft Windows LNK Remote Code Execution Vulnerability Over SMB (CVE-2020-0729)