Search
Keyword: microsoft internet explorer
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan creates the following folders: %User Profile%\Microsoft\Windows (Note:
Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run ferwgdb2335931598 = "%User
system is located.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT
adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run KB{random numbers}.exe = "%User Profile%
startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run avpupdt = "%System%\1718185808\avgupdt.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run ctfmon = "{malware
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan creates the following folders: %User Profile%\Microsoft\Dr Watson (Note:
startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run avpupdt = "%System%\1718185808\avgupdt.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run ctfmon = "{malware
Settings\Application Data on Windows 2000, XP, and Server 2003.) It adds the following registry keys: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\RunOnce HKEY_CURRENT_USER\Software\Microsoft
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run Metodo_z33 = "%Windows%\upload.bat" Other System Modifications This Trojan deletes the following files:
system is located.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Note = "%User Profile%\Notepad\note.exe" Other System Modifications This Trojan adds the following registry
path and file name}.exe Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows
startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run lcxdlcx = "%User Profile%\Protect\lcxdlcx.exe" Other System Modifications This Trojan deletes the following files: %Windows%
or C:\WINNT.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows
Server 2003.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run
every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run javahr = "%System Root%\CommonFiles\javahr.exe" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run
Server 2003.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This Trojan creates the following folders: %User Profile%\Microsoft\OFFICE %User
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Active Setup\Installed Components\{c5nlcrbp-njbw-scpd-ibvt-pfh7d2hvovkk} stubpath = [REG_EXPAND_SZ, value: ] It registers as a system
Settings\{user name} on Windows 2000, XP, and Server 2003.) Other System Modifications This Trojan adds the following registry keys: HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\Uninstall