Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'okprivacy' = '%PROGRAM_FILES%\okprivacy\okprivacy.exe'
- <SYSTEM32>\cmd.exe /c C:\$$wefddwefwefsd3322098.bat
- %PROGRAM_FILES%\okprivacy\okpwcher.exe
- %PROGRAM_FILES%\okprivacy\okprivacy.exe
- C:\$$wefddwefwefsd3322098.bat
- %PROGRAM_FILES%\okprivacy\okppopd.dll
- %PROGRAM_FILES%\okprivacy\okphk.dll
- %PROGRAM_FILES%\okprivacy\okpupdater.exe
- %CommonProgramFiles%\okprivacy\okpuninst.exe
- 'www.ok###vacy.co.kr':80
- 'do##.##privacy.co.kr':80
- do##.##privacy.co.kr/okprivacy/okpwcher.exe
- do##.##privacy.co.kr/okprivacy/okppopd.dll
- www.ok###vacy.co.kr/app_linkage/app_install.php?ad##############################
- do##.##privacy.co.kr/okprivacy/okprivacy.exe
- do##.##privacy.co.kr/okprivacy/okphk.dll
- do##.##privacy.co.kr/okprivacy/update.php
- do##.##privacy.co.kr/okprivacy/okpuninst.exe
- do##.##privacy.co.kr/okprivacy/okpupdater.exe
- DNS ASK www.ok###vacy.co.kr
- DNS ASK do##.##privacy.co.kr
- ClassName: 'MS_WINHELP' WindowName: ''