Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SMSS' = '%WINDIR%\Help\SMSS.exe -backgroung'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SMSS' = '%WINDIR%\Help\SMSS.exe -background'
- '%WINDIR%\Help\SMSS.exe'
- '<SYSTEM32>\attrib.exe' %WINDIR%\Help\SMSS.exe +s +h +a +r
- '<SYSTEM32>\reg.exe' ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "SMSS" /t REG_SZ /F /D "%WINDIR%\Help\SMSS.exe -background"
- '<SYSTEM32>\reg.exe' ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "SMSS" /t REG_SZ /F /D "%WINDIR%\Help\SMSS.exe -backgroung"
- '<SYSTEM32>\xcopy.exe' /c /y SMSS.exe "%WINDIR%\Help"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\batfile.bat" "
- '<SYSTEM32>\xcopy.exe' /c /y SMSS.exe "<SYSTEM32>\DirectX"
- '<SYSTEM32>\attrib.exe' <SYSTEM32>\DirectX\SMSS.exe +s +h +a +r
- <SYSTEM32>\DirectX\SMSS.exe
- %WINDIR%\Help\SMSS.exe
- %TEMP%\1.tmp\batfile.bat
- %TEMP%\1.tmp\SMSS.exe
- %WINDIR%\Help\SMSS.exe
- <SYSTEM32>\DirectX\SMSS.exe
- ClassName: 'Indicator' WindowName: '(null)'