Category Archives: PUP

PUP.Optional.CrossRider.A

PUP.Optional.CrossRider.A also known as Gen:Application.Heur.nq1@kat8Rnki, Unwanted-Program ( 004ae5c01 ).

Malware Analysis of PUP.Optional.CrossRider.A – UPDATER5058.EXE

Created files:
%Local Appdata%\Google\Chrome\User Data\Default\databases\chrome-extension_nllafhekklanfkimibokomlmidmcmaoi_0\3
%Local Appdata%\Google\Chrome\User Data\Default\databases\Databases.db
%Local Appdata%\Updater5058\Updater5058.exe
%Temp%\Shopping SidekickInstaller_1417283508.log
%Program Files%\Shopping Sidekick\background.html

Autostart registry keys:
HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110011501158}\InprocServer32\: "%Program Files%\Shopping Sidekick\Shopping Sidekick-bho.dll"
HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220022502258}\InprocServer32\: "%Program Files%\Shopping Sidekick\Shopping Sidekick-bho.dll"
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick\DisplayName: "Shopping Sidekick"
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick\UninstallString: "%Program Files%\Shopping Sidekick\Uninstall.exe /fromcontrolpanel=1"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater5058.exe:…


PUP.Optional.NextLive.A

Win32/NextLive.A also known as Trojan.Win32.NextLive.csjhvj.

Malware Analysis of PUP.Optional.NextLive.A

Created files:
%APPDATA%\newnext.me\nengine.dll

Detected by UnHackMe: NENGINE.DLL
Default location: %APPDATA%\newnext.me\nengine.dll

Recommended: UnHackMe anti-rootkit and anti-malware
Premium software: RegRun Security Suite (Good choice for removal and protection)
