Техническая информация
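- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '%WINDIR%\services.exe'
  (запись автозапуска; имя параметра и имя файла совпадают с именами системных процессов Windows, однако подлинный services.exe находится в <SYSTEM32>, а не в корне %WINDIR% — расхождение пути служит признаком для обнаружения)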
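- <SYSTEM32>\reg.exe add "hklm\software\microsoft\windows\currentversion\run" /v "svchost" /t reg_sz /d %WINDIR%\services.exe /f
  (эта команда создаёт тот же параметр автозапуска; ключ /f перезаписывает существующее значение без запроса подтверждения)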
- <SYSTEM32>\cmd.exe /c run.bat
- <Текущая директория>\run.bat
- %WINDIR%\services.exe
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)