Search
Keyword: microsoft internet explorer
\Software\Microsoft\ Windows\CurrentVersion\Run 08f4dc96bbb7af09d1a37fe35c75a42f = "%User Temp%\explorer.exe .." HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run
\DriverHub.lnk %Cookies%\{Username}@www.az-partners[1].txt %Temporary Internet Files%\Content.IE5\{8 Random Alphabet Characters}\index_en[1].htm %Temporary Internet Files%\Content.IE5\{8 Random Alphabet Characters
Other Details This Worm adds the following lines or registry entries as part of its routine: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\Run\CPM9b2082f1 Ru32 {malware path and
Other Details This Spyware adds the following lines or registry entries as part of its routine: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\Installer\UserData\S-1-5-18\Products
execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\RunOnce wextract_cleanup0 = "rundll32.exe %System%\advpack.dll,DelNodeRunDLL32 "%User Temp%\IXP000.TMP
usually C:\Windows.) Autostart Technique This backdoor adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows
enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Genius = "{malware path and file name}" Other System Modifications This Trojan
%System Root%\Documents and Settings\All Users %User Profile%\Application Data %User Profile%\Application Data\Microsoft %User Profile%\Microsoft\Network %User Profile%\Network\Connections %User Profile%
Windows Vista and 7.) Autostart Technique This worm adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows
\DOCUME~1\Wilbert %User Profile%\LOCALS~1 %User Temp%\nsd2.tmp %User Temp%\nsd2.tmp\Custom %User Temp%\nsd2.tmp\Custom\Images %Program Files%\Microsoft Office\Office10 %User Temp%\nsr5.tmp (Note: %System Root
Windows 2000, XP, and Server 2003.) Autostart Technique This backdoor adds the following registry entries to enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft
\Microsoft\ Windows\CurrentVersion\Run IKS Start = "%System%\NQDGTB\IKS.exe" Other System Modifications This Trojan modifies the following files: %User Profile%\Application Data\Microsoft (Note: %User Profile%
enable its automatic execution at every system startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run logonquery = "%System Root%\Documents and Settings\All Users\logonquery.exe
\Software\Microsoft\ Windows\CurrentVersion\Run Secure64 = %System%\dllcache\Regedit32.com StartUp HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Secure32 = %System%\dllcache\Shell32.com
entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\Run Win32Update = "{random name of a file found in the Windows system folder}
HKEY_LOCAL_MACHINE\software\microsoft\ windows\currentversion\uninstall\ Welcome to Sex Mansion It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ Welcome
the affected system: %User Profile%\Application Data\temp.bin %User Profile%\Application Data\ScreenSaverPro.scr %User Profile%\Microsoft\Jrrarj.exe (Note: %User Profile% is the current user's profile
Profile%\Microsoft\AppReadiness.exe (Note: %User Profile% is the current user's profile folder, which is usually C:\Documents and Settings\{user name} on Windows 2000, XP, and Server 2003, or C:\Users\{user
Profile%\Microsoft\AppReadiness.exe (Note: %User Profile% is the current user's profile folder, which is usually C:\Documents and Settings\{user name} on Windows 2000, XP, and Server 2003, or C:\Users\{user
entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run RFVGTYHJUI = "%User Profile%\YHTGFRRFVB\TYHGRF.exe" HKEY_CURRENT_USER