Changeset 1682
- Timestamp:
- 07/11/08 13:40:58 (2 months ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
honeyclient/trunk/thirdparty/capture-mod/RegistryMonitor.exl
r1679 r1682 186 186 + SetValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\MSMSGS 187 187 + SetValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\.+ 188 + SetValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\. +188 + SetValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\.* 189 189 + SetValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\.+ 190 190 + SetValueKey C:\\WINDOWS\\system32\\svchost\.exe HKLM\\SOFTWARE\\Microsoft\\EventSystem\\.+\\Subscriptions\\.+ … … 202 202 + DeleteValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\MSMSGS 203 203 + DeleteValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\.+ 204 + DeleteValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\. +204 + DeleteValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\.* 205 205 + DeleteValueKey C:\\Program Files\\Messenger\\msmsgs\.exe HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\.+ 206 206 + DeleteValueKey C:\\WINDOWS\\system32\\svchost\.exe HKLM\\SOFTWARE\\Microsoft\\EventSystem\\.+\\Subscriptions\\.+
