Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'iprivacy' = '%PROGRAM_FILES%\iprivacy\iprivacy.exe'
- <SYSTEM32>\cmd.exe /c C:\$$wefddweffgfhfddsdf3322098.bat
- %PROGRAM_FILES%\iprivacy\ipvwcher.exe
- %PROGRAM_FILES%\iprivacy\iprivacy.exe
- C:\$$wefddweffgfhfddsdf3322098.bat
- %PROGRAM_FILES%\iprivacy\ipvpopdll.dll
- %PROGRAM_FILES%\iprivacy\ipvhook.dll
- %PROGRAM_FILES%\iprivacy\ipvupdater.exe
- %CommonProgramFiles%\iprivacy\ipvuninst.exe
- 'www.ip###acy.co.kr':80
- 'do##.#privacy.co.kr':80
- do##.#privacy.co.kr/iprivacy/ipvwcher.exe
- do##.#privacy.co.kr/iprivacy/ipvpopdll.dll
- www.ip###acy.co.kr/app_linkage/app_install.php?ad##############################
- do##.#privacy.co.kr/iprivacy/iprivacy.exe
- do##.#privacy.co.kr/iprivacy/ipvhook.dll
- do##.#privacy.co.kr/iprivacy/update.php
- do##.#privacy.co.kr/iprivacy/ipvuninst.exe
- do##.#privacy.co.kr/iprivacy/ipvupdater.exe
- DNS ASK www.ip###acy.co.kr
- DNS ASK do##.#privacy.co.kr
- '<IP-адрес в локальной сети>':1038
- ClassName: 'MS_WINHELP' WindowName: ''