Search
Keyword: microsoft internet explorer
Files%\Common Files\Microsoft Shared\MSINFO\Se2re.exe (Note: %Program Files% is the default Program Files folder, usually C:\Program Files in Windows 2000, Server 2003, and XP (32-bit), Vista (32-bit),
\Temp on Windows Vista and 7.) It adds the following registry keys: HKEY_CURRENT_USER\Software\Microsoft\ Bind It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Bind comment =
Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\RunOnce 2506030520_del = "cmd
of itself into the affected system and executes them: %AppDataLocal%\Microsoft\Windows\{Random File Name}.exe -> Without admin rights %System%\(Random File Name}.exe -> With admin rights (Note:
located.) Autostart Technique This worm adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Active Setup\Installed Components
Files%\Microsoft\WaterMark.exe (Note: %Program Files% is the default Program Files folder, usually C:\Program Files in Windows 2000, Server 2003, and XP (32-bit), Vista (32-bit), and 7 (32-bit), or C:
operating system is located.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT
located.) Autostart Technique This worm adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Active Setup\Installed Components
to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run fb75daa = "%System Root%\fb75daa3\fb75daa3.exe" HKEY_CURRENT_USER\Software
to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run 2f1e14a = "%System Root%\2f1e14a2\2f1e14a2.exe" HKEY_CURRENT_USER\Software
to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run a6e27ba = "%System Root%\a6e27bac\a6e27bac.exe" HKEY_CURRENT_USER\Software
64-bit operating systems.) Autostart Technique This Trojan adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Active Setup
Server 2012.) Autostart Technique This spyware adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion
Files%\Microsoft\WaterMark.exe (Note: %Program Files% is the Program Files folder, where it usually is C:\Program Files on all Windows operating system versions; C:\Program Files (x86) for 32-bit
and Server 2003, or C:\Users\{user name} on Windows Vista and 7.) Other System Modifications This Trojan modifies the following file(s): %User Profile%\Application Data\Microsoft (Note: %User Profile%
to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run 2b6f33 = "%System Root%\2b6f33a\2b6f33a.exe" HKEY_CURRENT_USER\Software
2003, or C:\Users\{user name}\AppData\Roaming on Windows Vista and 7.) It creates the following folders: %User Profile%\Application Data\Microsoft FxCop (Note: %User Profile% is the current user's profile
to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run 78a38f = "%System Root%\78a38f2\78a38f2.exe" HKEY_CURRENT_USER\Software
and Server 2003, or C:\Users\{user name} on Windows Vista and 7.) Other System Modifications This spyware modifies the following file(s): %User Profile%\Application Data\Microsoft (Note: %User Profile%
registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run KB00892240.exe = "%User Profile%\Application Data\KB00892240.exe