Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'shutdown' = '<SYSTEM32>\shutdown.cmd'
- <SYSTEM32>\notepad.exe %WINDIR%\massage.txt
- <SYSTEM32>\shutdown.exe -s -f -t 35
- <SYSTEM32>\shutdown.bat
- %WINDIR%\massage.txt
- <Текущая директория>\massage.txt
- <Текущая директория>\shutdown.bat
- ClassName: 'JFWUI2' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: ''