Search
Keyword: microsoft internet explorer
\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run SHOW WINDOWSAPI = ""{malware path}\{malware file name}.exe"" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run SHOW WINDOWSAPI = ""{malware path}
following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication ID =
\Software\Microsoft\ Direct3D\MostRecentApplication It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Direct3D\MostRecentApplication Name = "{malware file name}" Dropping Routine
Files%\Common Files\Microsoft Shared\MSINFO\rejoice2009.exe (Note: %Program Files% is the default Program Files folder, usually C:\Program Files.) Dropping Routine This Trojan drops the following files:
Files%\Common Files\Microsoft Shared\MSINFO\rejoice2010.exe (Note: %Program Files% is the default Program Files folder, usually C:\Program Files.) Dropping Routine This Trojan drops the following files:
\System\CurrentControlSet\ Control\SafeBoot\mini HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Control\SafeBoot\net It adds the following registry entries: HKEY_CURRENT_USER Software\Microsoft\Windows
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Shell = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
\Software\Description\ Microsoft\Rpc\UuidTemporaryData HKEY_LOCAL_MACHINE\SOFTWARE\vPro4\ 28811 It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Description\ Microsoft\Rpc\UuidTemporaryData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ DirectDraw\MostRecentApplication Name = "{malware file name}" (Note: The default value data of the said registry entry is iexplore.exe .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Shell = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Shell = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
following registry keys: HKEY_LOCAL_MACHINE\Software\Microsoft\ RFC1156Agent\CurrentVersion\Parameters It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ RFC1156Agent
This spyware adds the following registry keys: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\R¡n It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows
the affected system: %Program Files%\Common Files\Microsoft Shared\MSINFO\40.exe (Note: %Program Files% is the default Program Files folder, usually C:\Program Files.) Dropping Routine This Trojan drops
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\RunOnce MSSetup = "{malware path and file name}" Other System Modifications This Trojan adds the following
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Shell = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Shell = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Shell = "{malware path and file name}" Other System Modifications This Trojan adds the following registry
\Software\Microsoft\ Direct3D\MostRecentApplication It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Direct3D\MostRecentApplication Name = "{malware file name}" Dropping Routine