Search
Keyword: unixliona1
This potentially unwanted application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed
DisableOSUpgrade = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\WindowsUpdate\ OSUpgrade ReservationsAllowed = "0" HKEY_LOCAL_MACHINE\SOFTWARE\qanz ltpxeirzlt = "cjEWipc+US1jkg==" HKEY_CURRENT_USER
CVE-2012-2122 sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x
CVE-2006-4253 Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript
CVE-2010-1812 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a
CVE-2010-1814 WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory
CVE-2009-1469 CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp eMail Server and WebMail Server before 9.4.2 makes it easier for remote attackers to
CVE-2006-0032 cve: Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote
HKEY_CURRENT_USER\Software\Headlight\ GetRightToGo\CustomizedApps 1ae33d5bb6432da3b026aa1f1f9161b88fb00d9f = "1" HKEY_CURRENT_USER\Software\Headlight\ GetRightToGo\SharedConfig BusyPause = "15" HKEY_CURRENT_USER
%Application Data%\tyrbvfecd.exe" tyrbvfecd.exe rfdeevtbc.exe %System%\cmd.exe /c rd /s /q %All Users Profile%\CfMqilATTbA3Z & timeout 1 & del /f /q "%Application Data%\edtbgvfcd.exe" %System%\lsass.exe %System%
System Modifications This Ransomware adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion SysHelper = "1" Dropping Routine This Ransomware drops the following
\ImgBurn VersionBuild = "0" HKEY_CURRENT_USER\Software\ImgBurn INSTALLER_StartMenuShortcuts = "1" HKEY_CURRENT_USER\Software\ImgBurn INSTALLER_DesktopIcon = "1" HKEY_CURRENT_USER\Software\ImgBurn
"Apartment" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Wow6432Node\CLSID\{{GUID}}\ ToolboxBitmap32 (Default) = "%System%\mshtmled.dll, 1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Wow6432Node\CLSID\{{GUID}}\ MiscStatus
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\International W2KLpk = "0" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\International\CpMRU Enable = "1" HKEY_CURRENT_USER\Software\Microsoft
{62f49e10-6c37-11d1-864c-14a300000000}" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\IPSec\ Policy\Local\{random key} ipsecDataType = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\IPSec\ Policy\Local\{random key
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
\SystemCertificates\TrustedPublisher\ CTLs It adds the following registry entries: HKEY_CURRENT_USER\Control Panel\International hTimes = "1" HKEY_CURRENT_USER\Control Panel\International nTimes = "66
\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon\ Notify\dfedcebbba Asynchronous = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon\ Notify\dfedcebbba StartShell =
\ Microsoft\Windows\IPSec\ Policy\Local\{random key} ipsecDataType = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\IPSec\ Policy\Local\{random key} ipsecData = "{random values}" HKEY_LOCAL_MACHINE
IEDefaultSearch = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\ BaiduToolbar idtmp = "haoaoao_cb" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ BaiduBarX DisplayName = "?????" HKEY_LOCAL_MACHINE