Search
Keyword: microsoft internet explorer
keys: HKEY_CURRENT_USER\SOFTWARE\Microsoft\ Cryptography It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Cryptography MachineGuid = "39a21c18-15a8-4b6d-8cf0-d3152f001eeb
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Shell = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S134165183 = "{malware path and file name}" Other System Modifications This Trojan adds the following
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S19217432 = "{malware path and file name}" Other System Modifications This Trojan adds the following
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S295539 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
\Software\Microsoft\ Direct3D\MostRecentApplication It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Direct3D\MostRecentApplication Name = "trtwrdwoim.exe" Dropping Routine This
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Active Setup\Installed Components\{P9AAA3AB-B707-11d2-J0BD-KCOMF87A369E} StubPath = "{malware path and file name}" Other System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "iexplore.exe" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S9175159 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run S1981074 = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\ system EnableLUA = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center UacDisableNotify = "1" Dropping Routine This Trojan drops the following
\Software\Microsoft\ Direct3D\MostRecentApplication It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Direct3D\MostRecentApplication Name = "{malware file name}" Dropping Routine
%\csrcs.exe (Note: %Windows% is the Windows folder, which is usually C:\Windows.) Other System Modifications This spyware adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft
%\web\websv.com Autostart Technique This spyware adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Active Setup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "iexplore.exe" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
keys: HKEY_CURRENT_USER\SOFTWARE\Microsoft\ Cryptography It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Cryptography MachineGuid = "ee708813-70f2-4e29-9440-a438a417f63e
at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run Windows Services = "\winsvc32.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft