- Apr 25, 2013
- 5,356
+
Trojan.StartupFolderMalDropper.A
*\Users\*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js?
like *.jse
Huorong Internet Security (Updates)
- Thread starter Petrovic
- Start date
Trojan.StartupFolderMalDropper.A
*\Users\*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js?
like *.jse
- Apr 27, 2018
- 74
- Apr 25, 2013
- 5,356
- Apr 25, 2013
- 5,356
- Apr 1, 2017
- 1,782
- Apr 25, 2013
- 5,356
Hello can you pls tell me what this article means? ty
- Apr 27, 2018
- 74
Host file is already covered by the default rules.
- Apr 27, 2018
- 74
Any samples/references of real-world malware that are doing that?
- Apr 25, 2013
- 5,356
- Apr 27, 2018
- 74
- Apr 25, 2013
- 5,356
v0.1.6
What's Changed
-Add Trojan.Nanocore ruleset
-Fix ReadBrowserData false positives
-Fix a description error in the document generation script
Release v0.1.6 · JerryLinLinLin/Huorong-ATP-Rules
更新日志 新增Trojan.Nanocore规则组 修复ReadBrowserData部分误报 修复文档生成脚本部分描述错误 What's Changed Add Trojan.Nanocore ruleset Fix ReadBrowserData false positives Fix a description error in the document generation s...
github.com
- Apr 25, 2013
- 5,356
- Apr 25, 2013
- 5,356
The protection is still not optimal, but the rest is pretty nice(UI, Scanning Speed, Removal etc.)
Also, they should make an English website.
Also, they should make an English website.
- Apr 25, 2013
- 5,356
- Apr 25, 2013
- 5,356
Huorong_ATP_Rules_v0.1.7
github.com
Release v0.1.7 · JerryLinLinLin/Huorong-ATP-Rules
更新日志 新增遥测组别 Telemetry ,默认状态为关闭 新增以下规则组: Suspicious.AppCertDLLs Suspicious.AppInitDLLs Suspicious.NetDebugger Suspicious.NetWinAppXRT Telemetry.ActiveSetup Telemetry.CredentialProviders Telemetry....
github.com
- Apr 25, 2013
- 5,356
- Apr 25, 2013
- 5,356
- Apr 25, 2013
- 5,356
Similar threads
