If "%Tweak%" equ "ForceLatestNetFramework" Reg add "HKLM\TK_SOFTWARE\Microsoft\.NETFramework" /v "OnlyUseLatestCLR" /t REG_DWORD /d "1" /f >nul If "%Tweak%" equ "DisableReservedStorage" Reg add "HKLM\TK_SOFTWARE\Microsoft\Windows\CurrentVersion\ReserveManager" /v "ShippedWithReserves" /t REG_DWORD /d "0" /f >nul Reg add "HKLM\TK_SYSTEM\ControlSet001\Services\wuauserv" /v "Start" /t REG_DWORD /d "4" /f >nul 2>&1
"\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d "1" /f >nul 2>&1 Possibly tries to implement anti-virtualization techniques References security related windows servicesĪdversaries may check for the presence of a virtual machine environment (VME) or sandbox to avoid potential detection of tools and activities. Processes may automatically execute specific binaries as part of their functionality or to perform other actions.
0 kommentar(er)
