Duqu Malware TrueType Font Parsing Vulnerability
Duqu Malware TrueType Font Parsing Vulnerability is a type of exploit that could install the Duqu malware through a Microsoft flaw. This flaw was found to be a Microsoft vulnerability within the TrueType (TTF) Font Parsing Engine of particular Microsoft Word and Adobe Reader files. Hackers have exploited this issue and may lead to the installation of Duqu malware. Duqu and other related malware may be detected and removed with an updated spyware removal application.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%Program Files%\Protection Center\protext.dll
File name: %Program Files%\Protection Center\protext.dllFile type: Dynamic link library
Mime Type: unknown/dll
%Windows%\system32\Drivers\jminet7.sys
File name: %Windows%\system32\Drivers\jminet7.sysFile type: System file
Mime Type: unknown/sys
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce 'SelfdelNT'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\JmiNET3HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run '[random string]'HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ XTray.exeHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run 'tmp'
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.