Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AliimSafe.exe] 'debugger' = 'ntsd -d'
- %PROGRAM_FILES%\Internet Explorer\Skype.exe
- <SYSTEM32>\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AliimSafe.exe" /v debugger /t REG_SZ /d "ntsd -d" /f
- <SYSTEM32>\taskkill.exe /im AliimSafe.exe /f
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- %PROGRAM_FILES%\Internet Explorer\Skype.exe
- ClassName: '18467-41' WindowName: ''
- ClassName: '' WindowName: ''