![]() |
![]() |
#1 |
Junior Member
Join Date: Feb 2014
Posts: 2
|
![]()
I'm seeing a case on a client machine with an ASEP reg key pointing to "NoConoleExe.exe" in C:\users\...\Appdata\Roaming\DisplayLink\DLsetup.
key: runfile hive: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run value: C:\Users\xxxx\AppData\Roaming\DisplayLink\DLsetup\ NoConsoleExe.exe This does not seem normal to me. They key name is right, but the fact that it got installed into appdata\roaming is troublesome. Is this normal? I haven't seen it before and can't turn up anything on the web. Everything tells me it should be pointing to C:\program files\... I'm concerned it's malware spoofing a commonly installed program such as displaylink. |
![]() |
![]() |
![]() |
|
|