Search
Keyword: W2KM_MONALIS
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
\Windows\CurrentVersion\ Internet Settings\Zones\2 1601 = "0" HKEY_CURRENT_USER\Software\Policies\ Microsoft\Windows\CurrentVersion\ Internet Settings\Zones\3 1601 = "0" HKEY_CURRENT_USER\Software\Policies
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
MAX_OVERLAYS = "2" HKEY_CURRENT_USER\Software\CyberLink\ VGASPEED\2000\{random key} TOTAL_VIDEO_MEM = "4" HKEY_CURRENT_USER\Software\CyberLink\ VGASPEED\2000\{random key} NUM_FOURCC = "3" HKEY_CURRENT_USER
HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\2 2500 = "3" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings\ Zones\3 2500 = "3" Backdoor Routine
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\Explorer\ Advanced Hidden = "0" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center AntiVirusDisableNotify = "1" HKEY_LOCAL_MACHINE
This worm arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives via peer-to-peer (P2P) shares. It arrives on a system as a file dropped by other
\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = "2" (Note: The default value data of the said registry entry is 1 .) It creates the following registry entry(ies) to bypass Windows
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\ERSvc Start = "4" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\wscsvc Start = "4" (Note:
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Coinminer arrives on a system as
{2329B0B1-00B8-459B-9F68-66831E4FFF47}_is1 MajorVersion = "11" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Microsoft\Windows\CurrentVersion\ Uninstall\{2329B0B1-00B8-459B-9F68-66831E4FFF47}_is1 MinorVersion = "2" HKEY_LOCAL_MACHINE
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
MSExchangeSRS ReportServer$TPSAMA Zoolz 2 Service MSOLAP$TPS aphidmonitorservice SstpSvc MSExchangeMTA ReportServer$SYSTEM_BGC Symantec System Recovery UI0Detect MSExchangeSA MSExchangeIS ReportServer
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It
\CurrentControlSet\ services\W3WPDIAG Start = 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\W3WPDIAG ErrorControl = 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\W3WPDIAG ImagePath = "%System%