Search
Keyword: bkdrgwgirl272
"3" .) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\BITS Type = "272" (Note: The default value data of the said registry entry is "32" .) Dropping Routine This spyware drops the following files:
ErrorControl = "0" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\6to4\Parameters Type = "272" Backdoor Routine This backdoor connects to the following URL(s) to send and receive commands from a remote
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\Office TP Auto-Discovery Adaptive Type = "272" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Office TP Auto-Discovery Adaptive ErrorControl = "0" It adds the following registry entries to enable
\ services\svrhost Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\svrhost Type = "272" Propagation This Trojan drops the following copy of itself in all physical and removable drives: {Drive
Type = "272" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup 11111 = "{malware path and filename}" Other Details This backdoor connects to the following possibly malicious URL:
"272" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Event Identity Filtering Profile Remote Start = "2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Event Identity Filtering Profile
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\ services\CornerSunshineSvc Start = "2" (SERVICE_AUTO_START) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ services\CornerSunshineSvc Type = "272" Dropping Routine This potentially unwanted application drops the
This spyware arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This spyware arrives as an attachment to email messages spammed by other
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does
= "272" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\E74BA3F6 DisplayName = "E74BA3F6" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\E74BA3F6 Start = "SERVICE_AUTO_START" It modifies
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders. It
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does
This Adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Adware arrives on a system as a
Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).) It adds the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\pcAnywhere Type = "272" HKEY_LOCAL_MACHINE\SYSTEM
"2" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\98F2A116 Type = "272" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\98F2A116 DisplayName = "98F2A116" HKEY_LOCAL_MACHINE\SYSTEM
\SYSTEM\CurrentControlSet\ services\PAExec It adds the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\PAExec Type = "272" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This