Troj/Mdrop-DPO

Category: Viruses and SpywareProtection available since:06 Aug 2011 22:41:16 (GMT)
Type: TrojanLast Updated:06 Aug 2011 22:41:16 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Mdrop-DPO exhibits the following characteristics:

File Information

Size
14M
SHA-1
f483fbe0c3194ed954067a552c350e0d90937661
MD5
55a5acd9464cd79c845818d02755217f
CRC-32
b6b9faae
File type
application/x-ms-dos-executable
First seen
2011-08-06

Runtime Analysis

Dropped Files
  • C:\Program Files\Mozilla Firefox\searchplugins\google.xml
  • C:\Program Files\Mozilla Firefox\plugin-container.exe
    Size
    17K
    SHA-1
    7fee77ab5e8466814c6fa39ab33d58180b4fc4b8
    MD5
    b07d6a08dda7cfa92331aad28ebce27e
    CRC-32
    4573aebe
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\update.locale
  • C:\Program Files\Mozilla Firefox\precomplete
    Size
    1.5K
    SHA-1
    863065c11f6e420e5c56d8fa5d585f3ad2005d44
    MD5
    c372fe89ca4a7aaf54ce5024f50c01b7
    CRC-32
    3024e73d
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2011-06-11
  • C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
  • C:\Program Files\Mozilla Firefox\softokn3.chk
    Size
    478
    SHA-1
    06b0dbbeacdbb9bfd8bc7cfccafe87f6d52c3f5d
    MD5
    6475d7adbf8503a45f68bf0b2debe9ab
    CRC-32
    70de439b
    File type
    application/octet-stream
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
  • C:\Program Files\Mozilla Firefox\plds4.dll
    Size
    19K
    SHA-1
    d1135e15654f5b67531caf16dfd2700e718179b9
    MD5
    45296b9ca90679c6ec8b6c0ae6d5b085
    CRC-32
    7d1bdd8f
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\removed-files
    Size
    34K
    SHA-1
    ddf8101d96dc120cf3afe205d4c14edf73d806f5
    MD5
    e3cb67faed81df29c7ef50e403247c8f
    CRC-32
    cdcd28cf
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2011-03-14
  • C:\Program Files\Mozilla Firefox\xul.dll
    Size
    14M
    SHA-1
    b6be4a6c70a97ba223395b06abbb6481b44137fa
    MD5
    606c9f1133f978f286232bfa682593aa
    CRC-32
    81e54b63
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\smime3.dll
    Size
    103K
    SHA-1
    d620491a74cd7d9c41aa5f2229d690d1ca02e24e
    MD5
    f93adf3debae43916821787ac02763b2
    CRC-32
    c1ddc236
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\uninstall\uninstall.log
    Size
    1.8K
    SHA-1
    76128ae852507a804fda3a4adacf867d089df7f5
    MD5
    8e849e08ab8d9e5dd122889e5a61c6bc
    CRC-32
    60806ae8
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2011-06-25
  • C:\Program Files\Mozilla Firefox\updater.ini
  • C:\Program Files\Mozilla Firefox\xpcom.dll
    Size
    19K
    SHA-1
    143b731b6a6fc1bd2944c2dc1b65c6b80be01a2c
    MD5
    22fb66ec80c3db7b339f3cf065c93059
    CRC-32
    57023339
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini
    Size
    322
    SHA-1
    27a1f9f85a9d0d918dd775cdd881d5378418aeef
    MD5
    56dbb2bcd89c0d93f50562b3772b5181
    CRC-32
    e2f83d20
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2011-03-14
  • C:\Program Files\Mozilla Firefox\nssutil3.dll
    Size
    87K
    SHA-1
    161f520d1c4e66bb8365f062ebfdaebe15796299
    MD5
    1ea5931da9829c10b9d0c811e50200da
    CRC-32
    9fe51645
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
  • C:\Program Files\Mozilla Firefox\README.txt
  • C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png
  • C:\Program Files\Mozilla Firefox\install.log
    Size
    21K
    SHA-1
    5a3f89bffeee09feb98b9e018891f903b101f308
    MD5
    72837420afa7015fc464528d41379248
    CRC-32
    0035bba4
    File type
    application/octet-stream
    First seen
    2011-08-06
  • C:\Program Files\Mozilla Firefox\dictionaries\en-US.aff
  • C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
  • C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
  • C:\Program Files\Mozilla Firefox\nss3.dll
    Size
    631K
    SHA-1
    8a91fc7b45c8ea7a5c435a61d14c538596e5d811
    MD5
    c210a9d8330ca56a80cd25ef30114c63
    CRC-32
    ee30eabd
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\nspr4.dll
    Size
    199K
    SHA-1
    729bf0501e50704d5fd00fb2ebc144fcb517e2e1
    MD5
    008f92dd43e96a7bd88e900bb813a56c
    CRC-32
    1ba8c30f
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\nssckbi.dll
    Size
    335K
    SHA-1
    5384aa36eb4a4a60a78036fb0ca29aab0ab2afc5
    MD5
    7af48749c777563f758179abe837cdd6
    CRC-32
    5f0e9b4a
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\nssdbm3.chk
    Size
    478
    SHA-1
    0d30a1ae5ce30953f3a303a857dbc270f025d578
    MD5
    204dd379b44d8d3e10c3d03761abdcd0
    CRC-32
    1b553d03
    File type
    application/octet-stream
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\softokn3.dll
    Size
    163K
    SHA-1
    f113c9ce5c8d94214214ea65ed9670d8edaf70be
    MD5
    611ec4698f0114ab845a57da96ced6e4
    CRC-32
    f2faa6b6
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
  • C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll
    Size
    19K
    SHA-1
    2fc61c2aea199c29897afad02c4213c0f0fce988
    MD5
    5d8161fb5632af2057b73c66f8cf8f5b
    CRC-32
    5e0ff34b
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • c:\Documents and Settings\test user\Application Data\Mozilla\Firefox\Profiles\6wor39ty.default\compatibility.ini
  • C:\Program Files\Mozilla Firefox\crashreporter-override.ini
  • c:\Documents and Settings\test user\Application Data\Mozilla\Firefox\Crash Reports\InstallTime20110707182747
  • C:\Program Files\Mozilla Firefox\dependentlibs.list
  • c:\Documents and Settings\test user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
  • c:\Documents and Settings\test user\Local Settings\Application Data\Mozilla\Firefox\Profiles\6wor39ty.default\XUL.mfl
  • C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
  • c:\Documents and Settings\test user\Application Data\Mozilla\Firefox\profiles.ini
  • c:\Documents and Settings\test user\Local Settings\Temp\2.exe
  • C:\Program Files\Mozilla Firefox\application.ini
    Size
    2.2K
    SHA-1
    7b49da67afa1aff89267ba52efd68810426621a4
    MD5
    b91ff8b7b9c53bbb3ba4e50ba960a456
    CRC-32
    33a1d56c
    File type
    application/octet-stream
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\mozalloc.dll
    Size
    16K
    SHA-1
    4e2109dabe5f87aa88e564bf2e6fe70c9ea52bd5
    MD5
    a9728ce17cde341a2f41f49ea14272f4
    CRC-32
    13fe4aad
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\D3DCompiler_43.dll
    Size
    2.1M
    SHA-1
    98be17e1d324790a5b206e1ea1cc4e64fbe21240
    MD5
    1c9b45e87528b8bb8cfa884ea0099a85
    CRC-32
    5201927b
    File type
    Windows executable
    First seen
    2010-12-06
  • C:\Program Files\Mozilla Firefox\mozsqlite3.dll
    Size
    763K
    SHA-1
    c6d9658c3c06699ecb274123875ffe4e269baf54
    MD5
    f429e2be159a383f9d682c6c956df9dd
    CRC-32
    34b770b1
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
  • c:\Documents and Settings\test user\Local Settings\Temp\1.exe
    Size
    14M
    SHA-1
    7da88e55e48ce013da0b8179b0d64485da2c225b
    MD5
    d1b663a615b54f5245a987132be86f8e
    CRC-32
    de8825ff
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\components\binary.manifest
    Size
    67
    SHA-1
    0c45fe7a9dc295a15788ee6c7a3364a464b9caa8
    MD5
    3890a0a1f48c0856c01b08f5bf2497bb
    CRC-32
    d33a412d
    File type
    application/octet-stream
    First seen
    2010-11-28
  • C:\Program Files\Mozilla Firefox\blocklist.xml
    Size
    7.1K
    SHA-1
    be748dc8c0e776b2da5c80b99d5d9c0237cb4259
    MD5
    345abf6e93a058329e680b5fb3080be1
    CRC-32
    2bf93e8d
    File type
    Extensible Markup Language (XML)
    First seen
    2011-05-07
  • C:\Program Files\Mozilla Firefox\platform.ini
    Size
    141
    SHA-1
    628631b1360e7c9abd9e470b8ff73978ec4a1df2
    MD5
    ec647d7cdb24cd99e2a621240793c93f
    CRC-32
    3c942df3
    File type
    application/octet-stream
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\ssl3.dll
    Size
    139K
    SHA-1
    c9e5fc871d7c48b2fb17e0bbcd363fddee7b56f6
    MD5
    a06912e7a6ef98f41ad86c3f33c3c27b
    CRC-32
    9a962c68
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\freebl3.chk
    Size
    478
    SHA-1
    4a6a2dc7bc47d7ab25e1059a8a0fb9ca9d5d2efb
    MD5
    56b73d47bee2ea08cf1da38607597852
    CRC-32
    701d5ea5
    File type
    application/octet-stream
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Size
    697K
    SHA-1
    144b5ba94771d11d455a8072e2bf2b45e05d80e6
    MD5
    810de1741b071845d065af78a9a8866d
    CRC-32
    862fa65f
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\firefox.exe
    Size
    903K
    SHA-1
    9b502e65928a79e9c04315afe0fa49f6ab0067b8
    MD5
    5fb5d1a2267831208b4ee46149af7b18
    CRC-32
    50b63d40
    File type
    application/x-ms-dos-executable
    First seen
    2011-07-25
  • C:\Program Files\Mozilla Firefox\omni.jar
    Size
    5.1M
    SHA-1
    ae2c39e13a91007b72e405075a54f08ba97d6eed
    MD5
    cd393564998b575d30970cce2e3580c7
    CRC-32
    7ffebc71
    File type
    application/octet-stream
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\components\browsercomps.dll
  • C:\Program Files\Mozilla Firefox\chrome.manifest
    Size
    36
    SHA-1
    c2045cff37f4c1d75ebd4cd421de9777d9672143
    MD5
    8f2e87a15606de2ad90c1e6deaed4624
    CRC-32
    ed4b4688
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2010-12-06
  • C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js
  • C:\Program Files\Mozilla Firefox\libGLESv2.dll
    Size
    455K
    SHA-1
    dc46614718a592a509c6f04a4e8123a459ac928d
    MD5
    0ebebe94a83856fe4f854117c3a1685e
    CRC-32
    f1a2b5a5
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\mozcrt19.dll
    Size
    699K
    SHA-1
    866448b3e955e6098c4e5a4548507bf127a17c02
    MD5
    f5533ab2b5282c0dd464ec7cebbf432d
    CRC-32
    3cc9690a
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\crashreporter.ini
    Size
    3.8K
    SHA-1
    52efcf39bf3b97cbfb61d85b9625ca2e5cbe7158
    MD5
    e4dec9a44c9388c402d31f0425619a5d
    CRC-32
    ee3fb25b
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2011-02-11
  • C:\Program Files\Mozilla Firefox\crashreporter.exe
    Size
    123K
    SHA-1
    4a7b701c0d8449ba2dae1fb92a4339734acc7b58
    MD5
    d83e92732f84ebcb3e35aae1d233418e
    CRC-32
    e2c4a974
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\libEGL.dll
    Size
    87K
    SHA-1
    631255d168a033a2b40045fc44300688687f5115
    MD5
    304d6d574cb305aa12980aaa6ea42816
    CRC-32
    6e288bf8
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
    Size
    1.2K
    SHA-1
    8336a938ddb934683c6e138a1bb356b83f9677d0
    MD5
    025b9c988b47ee91bb332e738af49b47
    CRC-32
    ddfc1673
    File type
    application/octet-stream
    First seen
    2011-03-01
  • C:\Program Files\Mozilla Firefox\d3dx9_43.dll
  • C:\Program Files\Mozilla Firefox\mozcpp19.dll
    Size
    703K
    SHA-1
    05b387e34b57c1d8a13eee5cb29eb4f2e3245d81
    MD5
    dffb2b5a5cd32b43c6339ebd6e8fb186
    CRC-32
    69ec70b5
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\mozjs.dll
    Size
    1.8M
    SHA-1
    5b07c92bae8567e1d3259a445b28e05bad6bd2c4
    MD5
    8254349fbe4813483d7e30f04223e3b2
    CRC-32
    c2bdc4ec
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\freebl3.dll
    Size
    263K
    SHA-1
    cfdd6a6659c8b7ce015cfa69fac7fe7190c7b925
    MD5
    d75cd106179a1b0543462f17d0584b02
    CRC-32
    88e4c505
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\dictionaries\en-US.dic
  • C:\Program Files\Mozilla Firefox\updater.exe
    Size
    259K
    SHA-1
    ba4fa821daaa4c46c4fd16d5403e9fe1b7160af1
    MD5
    44bb1dbab112e1c07a569f42daffdf98
    CRC-32
    61c30ac5
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\plc4.dll
    Size
    22K
    SHA-1
    aba8ad97307db1831c34df2f7f39cd6321ec3dd6
    MD5
    18151e72d82eeebcdb5b8e17c54a218c
    CRC-32
    637ac402
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
  • C:\Program Files\Mozilla Firefox\nssdbm3.dll
    Size
    103K
    SHA-1
    ce48070f2e89fb342d2746210bd5d07b39ebcbe4
    MD5
    b89bf189c2acd95716f72abd70c06807
    CRC-32
    b9a8cfc0
    File type
    application/x-ms-dos-executable
    First seen
    2011-08-05
Registry Keys Created
  • HKLM\SOFTWARE\Mozilla\Mozilla Firefox
    (Default)
    5.0.1
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
    FirefoxHTML
  • HKCR\FirefoxURL\shell
    (Default)
    open
  • HKCU\Software\Classes\FirefoxURL\shell\open\ddeexec
    (Default)
    "%1",,0,0,,,,
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
    FirefoxHTML
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe
    (Default)
    C:\Program Files\Mozilla Firefox\firefox.exe
  • HKCU_Classes\http\DefaultIcon
    (Default)
    C:\Program Files\Mozilla Firefox\firefox.exe,1
  • HKCU_Classes\ftp\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKLM\SOFTWARE\Mozilla\Mozilla Firefox 5.0.1\bin
    PathToExe
    C:\Program Files\Mozilla Firefox\firefox.exe
  • HKCR\CLSID\{0D68D6D0-D93D-4D08-A30D-F00DD1F45B24}
    (Default)
    PSFactoryBuffer
  • HKCU\Software\Classes\FirefoxHTML
    (Default)
    Firefox Document
  • HKCR\FirefoxURL\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKCU\Software\Classes\.xhtml
    (Default)
    FirefoxHTML
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 5.0.1 (x86 en-US)
    Comments
    Mozilla Firefox 5.0.1 (x86 en-US)
  • HKCU_Classes\https\shell
    (Default)
    open
  • HKCU_Classes\http\shell\open\ddeexec\Topic
    (Default)
    WWW_OpenURL
  • HKCU\Software\Classes\.webm
    (Default)
    FirefoxHTML
  • HKCU\Software\Classes\FirefoxHTML\shell\open\ddeexec
    (Default)
    "%1",,0,0,,,,
  • HKCR\FirefoxHTML\shell\open\ddeexec
    (Default)
    "%1",,0,0,,,,
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities
    ApplicationName
    Firefox
  • HKCU\Software\Classes\FirefoxURL\DefaultIcon
    (Default)
    C:\Program Files\Mozilla Firefox\firefox.exe,1
  • HKCU_Classes\FirefoxURL\shell\open\ddeexec
    (Default)
    "%1",,0,0,,,,
  • HKCR\FirefoxHTML\shell\open\command
    (Default)
    "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
  • HKCU\Software\Classes\FirefoxURL
    FriendlyTypeName
    Firefox URL
  • HKCU_Classes\FirefoxURL
    (Default)
    Firefox URL
  • HKCU_Classes\FirefoxHTML\shell\open\ddeexec
    NoActivateHandler
  • HKCU\Software\Classes\https\shell
    (Default)
    open
  • HKLM\SOFTWARE\Mozilla\Mozilla Firefox\5.0.1 (en-US)\Main
    Install Directory
    C:\Program Files\Mozilla Firefox
  • HKCU\Software\Classes\FirefoxHTML\shell
    (Default)
    open
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids
    FirefoxHTML
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\URLAssociations
    https
    FirefoxURL
  • HKCU\Software\Classes\https
    EditFlags
    0x00000002
  • HKLM\SOFTWARE\RegisteredApplications
    Firefox
    Software\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities
  • HKCU_Classes\.htm
    (Default)
    FirefoxHTML
  • HKCU_Classes\FirefoxHTML\shell\open\ddeexec\Topic
    (Default)
    WWW_OpenURL
  • HKCU\Software\Classes\FirefoxURL\shell
    (Default)
    open
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\FileAssociations
    .shtml
    FirefoxHTML
  • HKCU\Software\Classes\http\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKCU\Software\Classes\ftp\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKCU\Software\Classes\https\shell\open\ddeexec
    NoActivateHandler
  • HKCU_Classes\http\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKCU\Software\Classes\.html
    (Default)
    FirefoxHTML
  • HKCU_Classes\http\shell\open\ddeexec
    (Default)
    "%1",,0,0,,,,
  • HKCU\Software\Classes\FirefoxHTML\shell\open\ddeexec\Topic
    (Default)
    WWW_OpenURL
  • HKCU_Classes\http
    URL Protocol
  • HKCU_Classes\FirefoxHTML\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKCU_Classes\https\shell\open\ddeexec\Topic
    (Default)
    WWW_OpenURL
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo
    ReinstallCommand
    "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal
  • HKCU\Software\Classes\http\shell\open\ddeexec\Topic
    (Default)
    WWW_OpenURL
  • HKCU\Software\Classes\https\shell\open\command
    (Default)
    "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
  • HKCR\.xhtml
    Content Type
    application/xhtml+xml
  • HKCU_Classes\ftp
    URL Protocol
  • HKCU\Software\Classes\.shtml
    (Default)
    FirefoxHTML
  • HKCR\FirefoxURL\shell\open\command
    (Default)
    "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
  • HKCR\Interface\{4E747BE5-2052-4265-8AF0-8ECAD7AAD1C0}\ProxyStubClsid32
    (Default)
    {0D68D6D0-D93D-4D08-A30D-F00DD1F45B24}
  • HKLM\SOFTWARE\mozilla.org\Mozilla
    CurrentVersion
    5.0.1
  • HKCU\Software\Classes\http\shell\open\command
    (Default)
    "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
  • HKCU_Classes\FirefoxURL\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKCR\.xht
    (Default)
    xhtfile
  • HKCR\CLSID\{0D68D6D0-D93D-4D08-A30D-F00DD1F45B24}\InProcServer32
    (Default)
    C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll
  • HKCR\.shtml
    Content Type
    text/html
  • HKCU\Software\Classes\http
    URL Protocol
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\properties
    (Default)
    Firefox &Options
  • HKCR\Interface\{4E747BE5-2052-4265-8AF0-8ECAD7AAD1C0}
    (Default)
    ISimpleDOMText
  • HKCU_Classes\FirefoxURL\shell\open\command
    (Default)
    "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
  • HKCU\Software\Classes\https\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKCU\Software\Classes\https\shell\open\ddeexec\Topic
    (Default)
    WWW_OpenURL
  • HKCR\FirefoxURL
    URL Protocol
  • HKCU\Software\Classes\ftp\shell
    (Default)
    open
  • HKCR\FirefoxHTML\shell
    (Default)
    open
  • HKCU\Software\Classes\ftp\shell\open\ddeexec\Topic
    (Default)
    WWW_OpenURL
  • HKCR\FirefoxHTML\DefaultIcon
    (Default)
    C:\Program Files\Mozilla Firefox\firefox.exe,1
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE
    (Default)
    Mozilla Firefox
  • HKCU\Software\Classes\FirefoxHTML\shell\open\ddeexec\Application
    (Default)
    Firefox
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\StartMenu
    StartMenuInternet
    FIREFOX.EXE
  • HKCU_Classes\https
    URL Protocol
  • HKCU\Software\Classes\http\DefaultIcon
    (Default)
    C:\Program Files\Mozilla Firefox\firefox.exe,1
Processes Created
  • c:\docume~1\support\locals~1\temp\1.exe
  • c:\docume~1\support\locals~1\temp\7zs2.tmp\setup.exe