it consultancy

CDT malware

CDT details

  • Description

    CDT is a malicious adware parasite that displays unsolicited commercial pop-up advertisements and reduces system security by modifying Internet Explorer essential security settings. The threat adds advertising, marketing, pornographic and similar insecure web resources into the web browser's Trusted Sites list. It also enables support for ActiveX controls and .NET components, allows to silently download and run harmful scripts and plugins and registers certain adware companies as trusted software publishers.

  • Exe

    mediatickets.exe

  • Registry

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsoneMapDomains[domain]HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsoneMapRangesRange1:Range=[IP address]HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsoneMapRangesRange1:Range=[IP address]HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet SettingsMinLevel=Code DownloadHKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet SettingsSafety Warning Level=SucceedSilentHKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet SettingsSecurity_RunActiveXControls=0x01000000HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet SettingsSecurity_RunScripts=0x01000000HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet SettingsTrust Warning Level=No SecurityHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsMinLevel=Code DownloadHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsSafety Warning Level=SucceedSilentHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsSecurity_RunActiveXControls=0x01000000HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsSecurity_RunScripts=0x01000000HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsTrust Warning Level=No SecurityHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settingsones22001=0HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settingsones22004=0HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionWinTrustTrust ProvidersSoftware PublishingTrust Database[random string]=[publisher name]