Search
Keyword: unixliona1
" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 SessionHash = "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software
\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFiles0000 = "\x00" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFilesHash = "{random
\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFiles0000 = "\x00" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000
\Microsoft\ RestartManager\Session0000 SessionHash = "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager
\ OneStepSearch Initial = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ OneStepSearch ShowToolbarButton = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ OneStepSearch ShowBarSign = "0" HKEY_LOCAL_MACHINE\SOFTWARE
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
\x01" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 SessionHash = "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
https://www.{BLOCKED}easy.com/ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ DriverEasy_is1 NoModify = 1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall
default value data of the said registry entry is 1 .) HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings\ ZoneMap AutoDetect = 1 (Note: The default value data of the said
" HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\ FlashPlayer\SafeVersions 9.0 = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ .mfp Content Type = "application/x-shockwave-flash" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ .sol Content
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
\ WinZip\caution NoUnsafeTypeCautionForSCR = "1" HKEY_CURRENT_USER\Software\Nico Mak Computing\ WinZip\caution NoUnsafeTypeCautionForEXE = "1" HKEY_LOCAL_MACHINE\SOFTWARE\KHATRA\ Startup_List restart_run = "
{9603BF4B-1038-409A-9C2C-FC3D584070B1} NoExplorer = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\ Ext\CLSID {9603BF4B-1038-409A-9C2C-FC3D584070B1} = "1" It modifies the following registry entries:
{B6CD54AD-C5D1-4637-9393-399637495EDF} NoExplorer = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\ Ext\CLSID {B6CD54AD-C5D1-4637-9393-399637495EDF} = "1" It modifies the following registry entries:
" HKEY_CURRENT_USER\Software\Nico Mak Computing\ WinZip\caution NoUnsafeTypeCautionForSCR = "1" HKEY_CURRENT_USER\Software\Nico Mak Computing\ WinZip\caution NoUnsafeTypeCautionForEXE = "1" HKEY_LOCAL_MACHINE\SOFTWARE
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\HOOK_ID name = "{malware file name}" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\10c095f2 Type = "1" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\10c095f2
It adds the following registry entries: HKEY_CURRENT_USER\Software\kdisk_barcon01 installed = "1" HKEY_CURRENT_USER\Software\kdisk_barcon01 cp_code = "pandorabc_05" HKEY_LOCAL_MACHINE\SOFTWARE