Forensic Riddle #8

Malware often uses one of these 3 APIs to launch new processes:

  • WinExec
  • ShellExecute (Ansi and Wide versions)
  • CreateProcess (Ansi and Wide versions + all CreateProcess* family e.g. CreateProcessInternal, CreateProcessAsUser, etc.)


Question:

There is at least one more API function that could also be used to launch executables. What is its name?
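As an added triage example (not part of the original riddle), the following Python groups the imported function names of a sample by the three process-launch families listed above, folding the ANSI/Wide suffixes and the CreateProcess* variants into one family each. The `(dll, function)` input list is constructed here to stand in for what a PE import-table parser would return.

```python
import re
from collections import defaultdict

# Process-launch API families named in the riddle. Each regex is matched
# against the import name after its trailing ANSI/Wide suffix is removed.
LAUNCH_FAMILIES = {
    "WinExec": re.compile(r"^WinExec$"),
    "ShellExecute": re.compile(r"^ShellExecute(Ex)?$"),
    # CreateProcess, CreateProcessAsUser, CreateProcessInternal, ...
    "CreateProcess": re.compile(r"^CreateProcess\w*$"),
}


def strip_charset_suffix(name):
    """Map an A/W import name to its base: CreateProcessAsUserW -> CreateProcessAsUser."""
    if len(name) > 1 and name[-1] in "AW" and name[-2].islower():
        return name[:-1]
    return name


def find_launch_imports(imports):
    """Group (dll, function) import pairs by process-launch family.

    Returns {family: ["dll!Function", ...]} for every import that matches;
    ordinal-only imports (function is None) have no name and are skipped.
    """
    hits = defaultdict(list)
    for dll, func in imports:
        if func is None:
            continue
        base = strip_charset_suffix(func)
        for family, pattern in LAUNCH_FAMILIES.items():
            if pattern.match(base):
                hits[family].append(f"{dll.lower()}!{func}")
    return dict(hits)


# Constructed sample import table (assumption: what a PE parser would yield).
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "CreateProcessW"),
    ("KERNEL32.dll", "WinExec"),
    ("KERNEL32.dll", "GetTempPathA"),        # not a launch API
    ("ADVAPI32.dll", "CreateProcessAsUserA"),
    ("SHELL32.dll", "ShellExecuteExW"),
    ("USER32.dll", None),                    # import by ordinal
]

if __name__ == "__main__":
    for family, funcs in sorted(find_launch_imports(SAMPLE_IMPORTS).items()):
        print(f"{family}: {', '.join(funcs)}")
```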


Have a good weekend!

Answer here

Forensic Riddle #7

Many Microsoft articles say that modifying certain registry keys requires the computer to be restarted for the changes to be taken into account.

Question: Why? And why are these changes sometimes taken into account immediately (i.e. without a restart)?

Have a good weekend and Happy New Year 2012!

Answer here