Search
Keyword: microsoft internet explorer
execution at every system startup: HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\Run spro = "%ProgramFiles%\SPro\sproinit.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\Run
path}\{random file name}.exe Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run 76598903 = "{malware path and file name}" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run
\SOFTWARE\Microsoft\ Cryptography It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Cryptography MachineGuid = "398c261f-3178-497b-b86a-db6b4eb6c928" Other Details This Trojan
It adds the following registry keys: HKEY_LOCAL_MACHINE\Software\Microsoft\ RFC1156Agent\CurrentVersion\Parameters It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
\SOFTWARE\Microsoft\ Cryptography It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Cryptography MachineGuid = "56c7ebd5-a4b0-4e0b-b774-d806dedb83df" Other Details This Trojan
\SOFTWARE\Microsoft\ Cryptography It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Cryptography MachineGuid = "e6a73668-4060-4f73-82da-a4ba3c090e8b" Other Details This Trojan
following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .)
following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .)
\Software\Microsoft\ Multimedia\DrawDib It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Multimedia\DrawDib vga.drv 800x600x16(565 0) = "31,31,31,31" This report is generated via
\Software\Microsoft\ Multimedia\DrawDib It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Multimedia\DrawDib vga.drv 1024x768x32(BGR 0) = "31,31,31,31" This report is generated via
\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Image File Execution Options\ instup.exe It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\Image File
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run RegistryMonitor1 = "%System%\qtplugin.exe" Other System Modifications This Trojan adds the following
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run DWQAZ = "{malware path and file name}" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run SSS
\Software\Microsoft\ Multimedia\DrawDib It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Multimedia\DrawDib vga.drv 800x600x16(565 0) = "31,31,31,31" This report is generated via
}.installstate It adds the following registry keys: HKEY_CURRENT_USER\Software\Microsoft\ Windows Script\Settings It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows Script
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S1370194 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
\Software\Microsoft\ Windows\CurrentVersion Microsoft Windows Installer = "{malware path and file name}" Other Details This Trojan connects to the following possibly malicious URL: This report is generated
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run {malware file name} = "%System Root%\{malware file name}.exe" Other System Modifications This Trojan adds
\Software\Microsoft\ Multimedia\DrawDib HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\MediaResources\msvideo It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Multimedia