Personally, I disagree with qualify aimp as
Not Stealth, as reflected in its entry, because:
1) Running AIMP3 on an account without Admin rights (which I suppose is the most common scenario): Stealth.
2) Running AIMP3 on an account with Admin rights: Not stealth.
Creates the following keys:
XP 32
Code: Select all
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AIMP.TDropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AIMP.TDropTarget\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0041494D-5033-4472-6F70-546172676574}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0041494D-5033-4472-6F70-546172676574}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0041494D-5033-4472-6F70-546172676574}\ProgID
HKEY_CLASSES_ROOT\AIMP.TDropTarget
HKEY_CLASSES_ROOT\AIMP.TDropTarget\CLSID
HKEY_CLASSES_ROOT\CLSID\{0041494D-5033-4472-6F70-546172676574}
HKEY_CLASSES_ROOT\CLSID\{0041494D-5033-4472-6F70-546172676574}\LocalServer32
HKEY_CLASSES_ROOT\CLSID\{0041494D-5033-4472-6F70-546172676574}\ProgID
VISTA 64
Code: Select all
HKEY_CLASSES_ROOT\CLSID\{0041494D-5033-4472-6F70-546172676574}
HKEY_CLASSES_ROOT\CLSID\{0041494D-5033-4472-6F70-546172676574}\ProgID
HKEY_CLASSES_ROOT\CLSID\{0041494D-5033-4472-6F70-546172676574}\LocalServer32
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0041494D-5033-4472-6F70-546172676574}\
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0041494D-5033-4472-6F70-546172676574}\LocalServer32
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0041494D-5033-4472-6F70-546172676574}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{0041494D-5033-4472-6F70-546172676574}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{0041494D-5033-4472-6F70-546172676574}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{0041494D-5033-4472-6F70-546172676574}\LocalServer32
3) Running AIMP3 on an Admin account with less privileges using the runas command: Stealth
For example, launching the program with a bat file with this content:
Code: Select all
runas /trustlevel:0x20000 AIMP3.exe
or
Code: Select all
runas /trustlevel:"Basic User" AIMP3.exe
All the functions of the program work well this way.
To find out the levels available in your system (assuming that you're using an administrator account), just open a prompt and type:
So I think that, at least, it deserves a mention about the fact of its
"stealthness" when is the case.
(Thanks to SYSTEM and dany for opening my eyes)