Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NaverActiveX' = '<Полный путь к вирусу>'
- '<SYSTEM32>\shutdown.exe' /pid=2548
- '<SYSTEM32>\shutdown.exe' /pid=1380
- '<SYSTEM32>\shutdown.exe' /pid=2436
- '<SYSTEM32>\shutdown.exe' /pid=1480
- '<SYSTEM32>\shutdown.exe' /pid=2476
- '<SYSTEM32>\shutdown.exe' /pid=5076
- '<SYSTEM32>\shutdown.exe' /pid=5104
- '<SYSTEM32>\shutdown.exe' /pid=5024
- '<SYSTEM32>\shutdown.exe' /pid=1384
- '<SYSTEM32>\shutdown.exe' /pid=4940
- '<SYSTEM32>\shutdown.exe' /pid=3992
- '<SYSTEM32>\shutdown.exe' /pid=4004
- '<SYSTEM32>\shutdown.exe' /pid=3980
- '<SYSTEM32>\shutdown.exe' -s -t 0
- '<SYSTEM32>\shutdown.exe' /pid=3964
- '<SYSTEM32>\shutdown.exe' /pid=2388
- '<SYSTEM32>\shutdown.exe' /pid=2420
- '<SYSTEM32>\shutdown.exe' /pid=2160
- '<SYSTEM32>\shutdown.exe' /pid=4076
- '<SYSTEM32>\shutdown.exe' /pid=268
- <SYSTEM32>\shutdown.exe