From https://blog.gdatasoftware.com/blog...ijacking-the-discreet-way-of-persistence.html: Hat tip: member Rasheed187.
The slides referenced in the last post also contain information on why UAC should be set to max level.
More malware using this: Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode.
Actually, even with UAC set to max level, it might be possible to use COM Object hijacking to "silently hitchhike" when a program is UAC-elevated.
