Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'ConsentPromptBehaviorAdmin' = 'C:\ProgramData\splwow\bqsadmin.exe'
- 'C:\ProgramData\Logiteh\splwowc.exe'
- '<SYSTEM32>\attrib.exe' +h +S "C:\ProgramData\Splwow"
- '<SYSTEM32>\reg.exe' ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run /f /v ConsentPromptBehaviorAdmin /t REG_SZ /d "C:\ProgramData\splwow\bqsadmin.exe"
- '<SYSTEM32>\cmd.exe' /c ATTRIB +h +S "C:\ProgramData\Splwow"
- '<SYSTEM32>\cmd.exe' /c REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run /f /v ConsentPromptBehaviorAdmin /t REG_SZ /d "C:\ProgramData\splwow\bqsadmin.exe"
- C:\ProgramData\Logiteh\splwowc.exe
- C:\ProgramData\Splwow\bqsadmin.exe