Техническая информация
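- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'iexplor1985' = '%PROGRAM_FILES%\Internet Explorer\my_705file.exe'
  (параметр в ключе Run раздела HKLM: указанный файл запускается автоматически при входе любого пользователя в систему)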
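- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AliimSafe.exe] 'debugger' = 'ntsd -d'
  (параметр debugger в Image File Execution Options: при попытке запуска AliimSafe.exe система вместо него вызывает ntsd -d, что препятствует обычному запуску этого процесса)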
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\winrunexe.exe
  (общая для всех пользователей папка автозагрузки: файл из неё запускается при входе в систему)
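- %PROGRAM_FILES%\Internet Explorer\Skype.exe
  (имя файла совпадает с именем известной программы, однако каталог Internet Explorer не является её штатным расположением)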
- <SYSTEM32>\cmd.exe /c mybat.bat
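- <SYSTEM32>\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AliimSafe.exe" /v debugger /t REG_SZ /d "ntsd -d" /f
- <SYSTEM32>\taskkill.exe /im AliimSafe.exe /f
  (эти две команды через параметр debugger препятствуют запуску AliimSafe.exe и принудительно завершают уже работающий процесс с этим именем)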
- <Текущая директория>\mybat.bat
- %PROGRAM_FILES%\Internet Explorer\Skype.exe
- %PROGRAM_FILES%\Internet Explorer\my_705file.exe
- ClassName: '' WindowName: ''