Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\rdpclipboard.exe,'
- <SYSTEM32>\taskkill.exe /T /F /IM rdpclipboard.exe
- <SYSTEM32>\rdpclipboard.exe
- 'www.db###ggo.co.kr':80
- 'sk.###anggo.co.kr':80
- sk.###anggo.co.kr/Notice/List.aspx
- www.db###ggo.co.kr/Popup/PopProduct.aspx?id##########
- sk.###anggo.co.kr/Popup/PopProduct.aspx?id##########
- www.db###ggo.co.kr/RegistSearch/Password.aspx
- sk.###anggo.co.kr/RegistSearch/Password.aspx
- www.db###ggo.co.kr/Notice/List.aspx
- sk.###anggo.co.kr/Root/Index.aspx
- www.db###ggo.co.kr/
- sk.###anggo.co.kr/
- www.db###ggo.co.kr/Popup/Popup.aspx?ur#######################################
- sk.###anggo.co.kr/Popup/Popup.aspx?ur#######################################
- www.db###ggo.co.kr/Root/Index.aspx
- DNS ASK lg.###anggo.co.kr
- DNS ASK www.db###ggo.co.kr
- DNS ASK sk.###anggo.co.kr
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''