Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Wintnt' = 'C:\Intel\wintnt\wintnt.exe'
- Средство контроля пользовательских учетных записей (UAC)
- '<SYSTEM32>\reg.exe' ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAHealth" /t REG_DWORD /d "1" /f
- '<SYSTEM32>\reg.exe' ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t REG_DWORD /d "0" /f
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\reg.exe' ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t REG_DWORD /d "0" /f
- '<SYSTEM32>\reg.exe' ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAHealth" /t REG_DWORD /d "1" /f
- '<SYSTEM32>\reg.exe' ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags" /v "C:\Intel\wintnt\winttnt.exe" /t REG_SZ /d "~ RUNASADMIN" /f
- '<SYSTEM32>\reg.exe' ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Wintnt" /t REG_SZ /d "C:\Intel\wintnt\wintnt.exe" /f
- '<SYSTEM32>\reg.exe' ADD "HKLM\System" /v "Keyboard" /t REG_SZ /d "C:\Intel\wintnt\Default.txt" /f
- '<SYSTEM32>\reg.exe' ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLinkedConnections" /t REG_DWORD /d "1" /f
- ClassName: 'Shell_TrayWnd' WindowName: ''