Technical Information
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\Currentversion\Run] 'Norton 360' = ''
- <Drive name for removable media>:\update.exe
- ClassName: 'ConsoleWindowClass' WindowName: ''
- ClassName: '' WindowName: 'Windows Task Manager'
- ClassName: '' WindowName: 'Registry Editor'
- ClassName: '' WindowName: 'Command Prompt'
- ClassName: '' WindowName: '\boot.ini'
- ClassName: '' WindowName: '\Windows\system32\hal.dll'
- ClassName: '' WindowName: '\ntldr.sys'
- ClassName: '' WindowName: '\Windows\system32\restore\rstrui.exe'
- '%WINDIR%\syswow64\cmd.exe' /c REG DELETE HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /f
- '%WINDIR%\syswow64\reg.exe' DELETE HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /f