Search
Keyword: microsoft internet explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run bin = "%User Profile%\Application Data\bin" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run bin = "
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S1716930 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
\Microsoft\ Security Center UACDisableNotify = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\ system EnableLUA = "0" This report is generated via an automated analysis system.
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S8768148 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S6358103 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S9494141 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
\Software\Microsoft\ Windows\CurrentVersion\Desktop It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Desktop Count = "1" This report is generated via an
\SOFTWARE\Microsoft\ Security Center UACDisableNotify = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\ system EnableLUA = "0" This report is generated via an automated analysis
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S166169155 = "{malware path and file name}" Other System Modifications This Trojan adds the following
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S715473 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S608436 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S7626170 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S9898148 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run Windmn.exe = "%System%\Windmn.exe" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S18145190 = "{malware path and file name}" Other System Modifications This Trojan adds the following
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run Microsoft Redirect = "{malware path and file name}" This report is generated via an automated analysis
XLSTART folder first Saves the active workbook as STARTUP.XLS in the said folder if the file name does not already exist in the XLSTART folder Infects Microsoft Office Excel worksheet files by creating a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Winlogon Userinit = %System%\userinit.exe,%Windows%\host32.exe, (Note: The default value data of the said registry entry is %System%\userinit.exe, .)
\SOFTWARE\Microsoft\ Security Center UACDisableNotify = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\ system EnableLUA = "0" This report is generated via an automated analysis