Code : iMDc+QjPU0cavn9WzNdhoM+x0LryOnYsihRqiI0iYE+Bk/fkBJOSVQ==

프로그램분석

Code : iMDc+QjPU0cavn9WzNdhoM+x0LryOnYsihRqiI0iYE+Bk/fkBJOSVQ==

프로세스 천국 2013. 6. 22. 11:16

[00-PROCESS]**Adobe CEF Helper -/- C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
[00-PROCESS]**Adobe Download Assistant -/- C:\Program Files\Adobe Download Assistant\Adobe Download Assistant.exe
[00-PROCESS]**aspnet_state -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
[00-PROCESS]**boabud -/- C:\Users\Administrator\boabud.exe
[00-PROCESS]**CEPServiceManager -/- C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
[00-PROCESS]**CoreSync -/- C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
[00-PROCESS]**Creative Cloud -/- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
[00-PROCESS]**CrossFire -/- C:\Users\Administrator\AppData\Local\Temp\CrossFire.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**GFFUpdater -/- C:\Program Files\GoforFiles\GFFUpdater.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GuardMailRu -/- C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**MailRuUpdater -/- C:\Users\Administrator\AppData\Local\Mail.Ru\MailRuUpdater.exe
[00-PROCESS]**maintenanceservice -/- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
[00-PROCESS]**PCCleaners -/- C:\ProgramData\PC Cleaners\PCCleaners.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**RAVCpl64 -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
[00-PROCESS]**receita -/- C:\Users\Administrator\AppData\Roaming\receita.exe
[00-PROCESS]**RUCF 12.9 -/- C:\Users\Administrator\AppData\Local\Temp\Rar$EXa0.894\OneHitCF 30.05.13 - unknown cheats hacking\RUCF 12.9.exe
[00-PROCESS]**sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe
[00-PROCESS]**SMSvcHost -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[00-PROCESS]**SputnikFlashPlayer -/- C:\Program Files\Mail.Ru\Sputnik\SputnikFlashPlayer.exe
[00-PROCESS]**TheTool -/- C:\Users\Administrator\AppData\Local\Temp\TheTool.exe
[00-PROCESS]**unsecapp -/- C:\Windows\system32\wbem\unsecapp.exe
[00-PROCESS]**UpdaterStartupUtility -/- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[00-PROCESS]**WebCakeDesktop -/- C:\Users\Administrator\AppData\Roaming\WebCake\WebCakeDesktop.exe
[00-PROCESS]**WebCakeDesktop.Updater -/- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe
[00-PROCESS]**winlogin -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogin.exe
[00-PROCESS]**Winlogon -/- C:\Users\Administrator\AppData\Roaming\Winlog\Winlogon.exe
[00-PROCESS]**WinRAR -/- C:\Program Files\WinRAR\WinRAR.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**Adobe Creative Cloud -/- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
[01-HKCUREG]**AdobeAAMUpdater-1.0 -/- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[01-HKCUREG]**boabud -/- C:\Users\Administrator\boabud.exe
[01-HKCUREG]**dw1 -/- regsvr32 /s C:\Users\Administrator\AppData\Roaming\Administrator-PC.jpg
[01-HKCUREG]**HKCU -/- C:\Users\Administrator\AppData\Roaming\Winlog\Winlogon.exe
[01-HKCUREG]**MailRuUpdater -/- C:\Users\Administrator\AppData\Local\Mail.Ru\MailRuUpdater.exe
[01-HKCUREG]**MicrosoftSoundDrivers -/- C:\Users\Administrator\AppData\Local\Temp\TheTool.exe
[01-HKCUREG]**MS Sound Drivers -/- C:\Users\Administrator\AppData\Local\Temp\CrossFire.exe
[01-HKCUREG]**PC Cleaners -/- C:\ProgramData\PC Cleaners\PCCleaners.exe /minimize
[01-HKCUREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[01-HKCUREG]**Sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[01-HKCUREG]**Sysinternals2 -/- C:\Users\Administrator\AppData\Roaming\receita.exe
[01-HKCUREG]**WebCake Desktop -/- C:\Users\Administrator\AppData\Roaming\WebCake\WebCakeDesktop.exe
[02-HKLMREG]**Adobe Creative Cloud -/- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
[02-HKLMREG]**AdobeAAMUpdater-1.0 -/- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[02-HKLMREG]**boabud -/- C:\Users\Administrator\boabud.exe
[02-HKLMREG]**dw1 -/- regsvr32 /s C:\Users\Administrator\AppData\Roaming\Administrator-PC.jpg
[02-HKLMREG]**HKCU -/- C:\Users\Administrator\AppData\Roaming\Winlog\Winlogon.exe
[02-HKLMREG]**MailRuUpdater -/- C:\Users\Administrator\AppData\Local\Mail.Ru\MailRuUpdater.exe
[02-HKLMREG]**MicrosoftSoundDrivers -/- C:\Users\Administrator\AppData\Local\Temp\TheTool.exe
[02-HKLMREG]**MS Sound Drivers -/- C:\Users\Administrator\AppData\Local\Temp\CrossFire.exe
[02-HKLMREG]**PC Cleaners -/- C:\ProgramData\PC Cleaners\PCCleaners.exe /minimize
[02-HKLMREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[02-HKLMREG]**Sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[02-HKLMREG]**Sysinternals2 -/- C:\Users\Administrator\AppData\Roaming\receita.exe
[02-HKLMREG]**WebCake Desktop -/- C:\Users\Administrator\AppData\Roaming\WebCake\WebCakeDesktop.exe
[03-BHOCLSD]**MailRuBHO Class -/- C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll -/- {8984B388-A5BB-4DF7-B274-77B879E179DB}
[03-BHOCLSD]**WebCake -/- C:\Program Files\WebCake\WebCakeIEClient.dll -/- {2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
[04-TOOLBAR]**Спутник@Mail.Ru -/- C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll -/- {09900DE8-1DCA-443F-9243-26FF581438AF}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**Guard.Mail.ru -/- Guard.Mail.ru -/- C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
[05-SERVICE]**gupdate -/- Serviço do Google Update (gupdate) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- Serviço do Google Update (gupdatem) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**MozillaMaintenance -/- Mozilla Maintenance Service -/- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
[05-SERVICE]**NetMsmqActivator -/- Net.Msmq Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe -NetMsmqActivator
[05-SERVICE]**NetPipeActivator -/- Net.Pipe Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpActivator -/- Net.Tcp Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**PerfHost -/- Host de DLL de Contador de Desempenho -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**WebCake Desktop Updater -/- WebCake Desktop Updater -/- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Users\Administrator\AppData\Roaming\WebCake\WebCakeDesktop.exe