Search
Keyword: unixliona1
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
Copy\Aurora_DVD_Copy.exe" 4 %Program Files%\MachinerData\Aurora_DVD_Copy.exe 1 %Windows%\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe %System%\svchost.exe -k LocalServiceAndNoImpersonation %Windows%
CVE-2009-2990 Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.
CVE-2009-2979 Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a
CVE-2013-3346 Adobe Reader and Acrobat allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. adobe acrobat 10.0,adobe acrobat
\Afqteuv\ 1926745233 It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc
{AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals bDisplayedSplash = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\AVGeneral bLastExitNormal = "0" HKEY_CURRENT_USER
\Lsa LimitBlankPasswordUse = "0" (Note: The default value data of the said registry entry is 1 .) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\Terminal Server fDenyTSConnections = "0" (Note: The
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
%User Profile%\Cookies\wilbert@www.msn[1].txt = "68adfd" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\SystemRestore DisableSR = "1
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals
registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion SysHelper = "1" Dropping Routine This Ransomware drops the following files: %All Users Profile%\4R8WBES1BX2A3VRZJLCKYUNEX\c %All
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
\PING.EXE ping 127.0.0.1 "%Program Files%\Free Create-Burn ISO Image\CreateBurnISO.exe" 4 %Program Files%\MachinerData\CreateBurnISO.exe 1 %System%\sdclt.exe /CONFIGNOTIFICATION taskhost.exe SYSTEM %System%
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This file infector arrives on a
HKEY_CURRENT_USER\Software\WinRAR\ Formats\uue.fmt HKEY_CURRENT_USER\Software\WinRAR\ Formats\z.fmt HKEY_CURRENT_USER\Software\WinRAR\ Profiles\0 HKEY_CURRENT_USER\Software\WinRAR\ Profiles\1 HKEY_CURRENT_USER
registry entries: HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Installer\ Migrated {AC76BA86-7AD7-1033-7B44-AA0000000001} = "1" HKEY_CURRENT_USER\Software\Adobe\ Acrobat Reader\10.0\Originals