Search
Keyword: unixliona1
processes: md /c schtasks /create /sc minute /mo 1 /tn "QQMusic" /tr {Malware File Path} /F cmd /c taskkill /f /im bbfsvcc.exe&&exit taskkill /f /im bbfsvcc.exe cmd /c ipconfig /flushdns cmd /c taskkill /f /im
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
)_J Êö_CHAR(0x01)_ß½°\ˤjKÁ·G_CHAR(0x1D)_Á®Öö_CHAR(0x0B)_+ËkBÝ ú_CHAR(0x11)_Pk_CHAR(0x01)_Ü_CHAR(0x0F)_Y_CHAR(0x12)_KþÄæ·GH_CHAR(0x0C)_kD÷G¼¹¬¨_CHAR(0x07)_á_CHAR(0x0C)_J Êö_CHAR(0x01)_ß
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\ FirewallPolicy\StandardProfile DisableNotifications = "1" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\SharedAccess\Parameters\ FirewallPolicy\StandardProfile\GloballyOpenPorts\ List 4279:UDP = "4279:UDP:
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
"442C3801027391F9182D0276EB" HKEY_LOCAL_MACHINE\SOFTWARE\Clients\ NetworkAgentDriver t0_s = "109139122142134090" HKEY_LOCAL_MACHINE\SOFTWARE\Clients\ NetworkAgentDriver t0_deb = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Clients
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
characters}" HKEY_CURRENT_USER\Software\qanz zojewbdazo = "{random characters}" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\WindowsUpdate DisableOSUpgrade = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Policies
\CurrentVersion\Uninstall\ WinThruster_is1 NoModify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ WinThruster_is1 NoRepair = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2
" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2
%User Profile%\Cookies\wilbert@www.msn[1].txt = "68adfd" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\SystemRestore DisableSR = "1" Dropping
\Wilbert914\ 1926745233 It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a