Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Windows Service Manager' = '<Full path to file>' (per-user autorun entry; a RunOnce value is executed at that user's next logon)
- %CommonProgramFiles(x86)%\java\bin\phid.dll
- %CommonProgramFiles(x86)%\java\bin\jusched.exe
- %ProgramFiles(x86)%\realtek audio device\bin\realtek_audiodevice.exe
- '<SYSTEM32>\cmd.exe' reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f' (with hidden window; setting EnableLUA to 0 turns off User Account Control)
- '<SYSTEM32>\cmd.exe' powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath "%WINDIR%" &&exit && exit' (with hidden window; adds %WINDIR% to the Microsoft Defender scan exclusions)
- '<SYSTEM32>\cmd.exe' reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
- '<SYSTEM32>\cmd.exe' powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath "%WINDIR%" &&exit && exit