|
|
Detect and remove hidden rootkits using
UnHackMe
RegRun Security Suite = 24 system utilities for protecting your computer. Try now! |
 %SysDir%\ali.exe - Dangerous
ali.exe is used to hide files, processes and registry. ali.exe is a kernel mode rootkit. Rootkit injects itself into other process. ali.exe tries to terminate antiviral programs installed on a user computer. ali.exe monitors user Internet activity and private information. It sends stolen data to a hacker site. Related files: %SysDir%\ali.exe Adds the value: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Bandook %SysDir%\ali.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce *Bandook %SysDir%\ali.exe HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\(B6A807N6-42DF-4W02-93E5-B156B3FA8AL1) StubPath %SysDir%\ali.exe to the Windows startup registry keys. Added to registry: HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters \FirewallPolicy\StandardProfile\GloballyOpenPorts\List More info: http://www.sophos.com/virusinfo/analyses... Removal: %SysDir%\ali.exe is removed by RegRun.
Read more... Removal instructions...
Recommended software: RegRun Security Suite - removal and protection. http://www.regrun.com RegRun Reanimator - free removal tool. greatis.com/reanimator
What is hidden in MSDN? Why software developers prefer Win32.FreeTechSecrets.com? All Unix Manuals in Alphabetical Order C# controls for .NET in 3 simple steps. Constantly updated. Last update: May 12 2008
Interesting information about Vista programs... Need consultation? Would you like to add your opinion?
|
|
