Talk:Internet Security 2012 Virus

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 16:11, 17 December 2011 by Admin (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

System registry

In order to function normally XP Antivirus 2012 creates the following branches in the system registry: 

   HKEY_LOCAL_MACHINE\software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\
   command  = “%UserProfile%\Local Settings\Application Data\%random%.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe”

   HKEY_LOCAL_MACHINE\software\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\
   command  = “%UserProfile%\Local Settings\Application Data\%random%.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode

   HKEY_LOCAL_MACHINE\software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\
   command  = “%UserProfile%\Local Settings\Application Data\%random%.exe” -a “C:\Program Files\Internet Explorer\iexplore.exe”

   HKEY_CLASSES_ROOT\.exe
   (Default) = exefile

   HKEY_CLASSES_ROOT\.exe\
   Content Type = application/x-msdownload
   DefaultIcon  = %1

   HKEY_CLASSES_ROOT\.exe\shell\open\command
   (Default) = “%UserProfile%\Local Settings\Application Data\%random%.exe” -a “%1″ %*
   IsolatedCommand = “%1″ %*

   HKEY_CLASSES_ROOT\.exe\shell\runas\command
   (Default) = “%1″ %*
   IsolatedCommand = “%1″ %*

   HKEY_CLASSES_ROOT\exefile
   (Default) = Application
   Content Type = application/x-msdownload
   DefaultIcon  = %1

   HKEY_CLASSES_ROOT\exefile\shell\open\command
   (Default) = “%UserProfile%\Local Settings\Application Data\%random%.exe” -a “%1″ %*
   IsolatedCommand = “%1″ %*

   HKEY_CLASSES_ROOT\exefile\shell\runas\command
   (Default) = “%1″ %*
   IsolatedCommand = “%1″ %*
Retrieved from "https://wiki.robotz.com/index.php?title=Talk:Internet_Security_2012_Virus&oldid=6348"