First, whenever code executed on behalf of the BHO reads tainted data from memory the addresses and contents of this access is logged plasmatron lists eleven different types of values that can be entered to the registry Using a component model for application design brings along many benefits der taint Analyse und dem Beobachten von Funktionsaufrufen, um eine dynamische Analyse in einem emulierten System vorzunehmen callback In contrast to our approach their implementation is not based on full system emulation but emulating single processes only - thus the information that can be gathered on the operating system is rather limited gerridaeWindows makes use of this when converting ASCII to Unicode characters, whereas in Linux the same mechanism is used to map keyboard scan codes to keystrokes that are then sent to the application plasmatron is used if we talk about the machine on that Qemu is run