Discussion in 'malware problems & news' started by itman, Aug 2, 2017.
Do the regsvr32 command line options look familiar, folks?
Culprit is PowerShell. Disable it or remove it to mitigate fileless malware attacks.
There are several techniques to load PowerShell scripts without powershell.exe.
This malware could be modified to do it.
You stop malware like this by using a security solution that monitors what is written to registry run and run once keys. Anything after that point is a losing effort.
Thanks for the COM reference tester and link. Windows is such a playland.
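Added example, not code from any poster in this thread: a minimal sketch of the check described in the post about registry Run and RunOnce keys. It compares two snapshots of autorun values and marks new or changed entries that start regsvr32 or PowerShell. The snapshot format, value names and command lines are constructed for illustration; collecting the snapshots from a live registry is left out.

```python
import ntpath

# Assumption: only the two hosts named in this thread; extend for your environment.
SCRIPT_HOSTS = {"regsvr32", "powershell"}

def launched_binary(command):
    """Return the lower-cased program name (without .exe) an autorun value starts."""
    command = command.strip()
    if command.startswith('"'):      # quoted path, may contain spaces
        path = command[1:].split('"', 1)[0]
    else:                            # unquoted: program ends at first whitespace
        path = command.split(None, 1)[0] if command else ""
    name = ntpath.basename(path).lower()
    return name[:-4] if name.endswith(".exe") else name

def review_changes(baseline, current):
    """Compare snapshots of {(key, value_name): command}; report new/changed values."""
    findings = []
    for (key, name), command in sorted(current.items()):
        old = baseline.get((key, name))
        if old == command:
            continue                 # unchanged since the baseline
        findings.append({
            "key": key,
            "name": name,
            "status": "new" if old is None else "changed",
            "command": command,
            "script_host": launched_binary(command) in SCRIPT_HOSTS,
        })
    return findings

# Constructed sample snapshots (not taken from a real machine).
HKLM_RUN = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run"
HKCU_RUN = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
HKCU_RUNONCE = r"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce"
BASELINE = {
    (HKLM_RUN, "SecurityHealth"): r"%windir%\system32\SecurityHealthSystray.exe",
    (HKCU_RUN, "Updater"): r'"C:\Program Files\Example\updater.exe" /background',
}
CURRENT = dict(BASELINE)
CURRENT[(HKCU_RUN, "Updater")] = "powershell.exe <constructed arguments>"
CURRENT[(HKCU_RUNONCE, "Sample")] = (
    r'"C:\Windows\System32\regsvr32.exe" <constructed arguments>')
CURRENT[(HKLM_RUN, "Backup")] = r'"C:\Program Files\Example\backup.exe"'

if __name__ == "__main__":
    for f in review_changes(BASELINE, CURRENT):
        flag = "SCRIPT HOST" if f["script_host"] else "review"
        print(f'{flag:11} {f["status"]:7} {f["key"]}\\{f["name"]} -> {f["command"]}')
```

Matching on the program name alone misses unquoted paths that contain spaces and hosts outside the set, so treat every new or changed value as worth a look, not only the flagged ones.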