Technical Information
- <SYSTEM32>\8e1a57f6.exe
- <SYSTEM32>\3d7370Cf.exe
- <SYSTEM32>\f3e8edff.exe
- <SYSTEM32>\7c71ffde.exe
- <SYSTEM32>\87d6831d.exe
- <SYSTEM32>\a6e0dee6.exe
- <SYSTEM32>\eeec337d.exe
- <SYSTEM32>\7c60cc1e.exe
- <SYSTEM32>\68cff5fe.exe
- <SYSTEM32>\33ef87f5.exe
- <SYSTEM32>\dC0C77cd.exe
- <SYSTEM32>\dff3dCea.exe
- <SYSTEM32>\e88e83ec.exe
- <SYSTEM32>\33c0da7e.exe
- <SYSTEM32>\76d76edd.exe
- <SYSTEM32>\308dd3ff.exe
- <SYSTEM32>\77e37dcc.exe
- <SYSTEM32>\6af617c3.exe
- <SYSTEM32>\c6eeaC1e.exe
- <SYSTEM32>\f06C76cf.exe
- <SYSTEM32>\dc681383.exe
- <SYSTEM32>\8fe780fa.exe
- <SYSTEM32>\d7df6e8c.exe
- <SYSTEM32>\e7cde8ee.exe
- <SYSTEM32>\7f0dc68a.exe
- <SYSTEM32>\Cec76a7f.exe
- <SYSTEM32>\eede7ff8.exe
- <SYSTEM32>\8C1dfe6c.exe
- <SYSTEM32>\7eff870d.exe
- <SYSTEM32>\863f61e3.exe
- <SYSTEM32>\3ffd3735.exe
- <SYSTEM32>\7c867fdf.exe
- <SYSTEM32>\6a76df5f.exe
- <SYSTEM32>\C0f7fe67.exe
- <SYSTEM32>\8a7f6c17.exe
- <SYSTEM32>\d8cdddfa.exe
- <SYSTEM32>\df766fc8.exe
- <Current directory>\x1nject [safe].exe
- <Current directory>\server.exe
- <Current directory>\perx!.exe
- <Current directory>\x1nject [server].exe
- <SYSTEM32>\feeafdcd.exe
- <SYSTEM32>\cc7c30ff.exe
- <SYSTEM32>\83fa68d6.exe
- <SYSTEM32>\1e37ac1e.exe
- <SYSTEM32>\7d6fd305.exe
- <SYSTEM32>\337767dc.exe
- <SYSTEM32>\778dfe3c.exe
- <SYSTEM32>\56d7a777.exe
- <SYSTEM32>\ddfCe773.exe
- <SYSTEM32>\3635dd7f.exe
- <SYSTEM32>\1ea66ccc.exe
- <SYSTEM32>\e3acccc8.exe
- <SYSTEM32>\fc75c3f7.exe
- <SYSTEM32>\ded7e6e5.exe
- <SYSTEM32>\f0c7adea.exe
- <SYSTEM32>\dc65C818.exe
- <SYSTEM32>\66cdfd7e.exe
- <SYSTEM32>\dc5dff73.exe
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
- ClassName: 'pediy06' WindowName: ''
- <SYSTEM32>\8e1a57f6.exe
- <SYSTEM32>\3d7370Cf.exe
- <SYSTEM32>\f3e8edff.exe
- <SYSTEM32>\7c71ffde.exe
- <SYSTEM32>\87d6831d.exe
- <SYSTEM32>\a6e0dee6.exe
- <SYSTEM32>\eeec337d.exe
- <SYSTEM32>\dff3dCea.exe
- <SYSTEM32>\68cff5fe.exe
- <SYSTEM32>\33ef87f5.exe
- <SYSTEM32>\863f61e3.exe
- <SYSTEM32>\7c60cc1e.exe
- <SYSTEM32>\e88e83ec.exe
- <SYSTEM32>\33c0da7e.exe
- <SYSTEM32>\dC0C77cd.exe
- <SYSTEM32>\76d76edd.exe
- <SYSTEM32>\c6eeaC1e.exe
- <SYSTEM32>\308dd3ff.exe
- <SYSTEM32>\77e37dcc.exe
- <SYSTEM32>\8fe780fa.exe
- <SYSTEM32>\c7660eC3.exe
- <SYSTEM32>\f06C76cf.exe
- <SYSTEM32>\dc681383.exe
- <SYSTEM32>\6af617c3.exe
- <SYSTEM32>\d7df6e8c.exe
- <SYSTEM32>\e7cde8ee.exe
- <SYSTEM32>\7f0dc68a.exe
- <SYSTEM32>\Cec76a7f.exe
- <SYSTEM32>\eede7ff8.exe
- <SYSTEM32>\8C1dfe6c.exe
- <SYSTEM32>\7eff870d.exe
- <SYSTEM32>\ddfCe773.exe
- <SYSTEM32>\6a76df5f.exe
- <SYSTEM32>\feeafdcd.exe
- <SYSTEM32>\cc7c30ff.exe
- <SYSTEM32>\7c867fdf.exe
- <SYSTEM32>\df766fc8.exe
- <SYSTEM32>\C0f7fe67.exe
- <SYSTEM32>\3ffd3735.exe
- <SYSTEM32>\83fa68d6.exe
- <Current directory>\server.exe
- <Current directory>\perx!.exe
- %TEMP%\nsi2.tmp\System.dll
- %TEMP%\nss4.tmp\System.dll
- <Current directory>\x1nject [server].exe
- <Current directory>\x1nject [safe].exe
- <SYSTEM32>\d8cdddfa.exe
- <SYSTEM32>\337767dc.exe
- <SYSTEM32>\778dfe3c.exe
- <SYSTEM32>\dc65C818.exe
- <SYSTEM32>\7d6fd305.exe
- <SYSTEM32>\3635dd7f.exe
- <SYSTEM32>\1ea66ccc.exe
- <SYSTEM32>\56d7a777.exe
- <SYSTEM32>\66cdfd7e.exe
- <SYSTEM32>\ded7e6e5.exe
- <SYSTEM32>\1e37ac1e.exe
- <SYSTEM32>\8a7f6c17.exe
- <SYSTEM32>\fc75c3f7.exe
- <SYSTEM32>\dc5dff73.exe
- <SYSTEM32>\f0c7adea.exe
- <SYSTEM32>\e3acccc8.exe
- <SYSTEM32>\7c71ffde.exe
- <SYSTEM32>\8e1a57f6.exe
- <SYSTEM32>\3d7370Cf.exe
- <SYSTEM32>\eeec337d.exe
- <SYSTEM32>\76d76edd.exe
- <SYSTEM32>\87d6831d.exe
- <SYSTEM32>\a6e0dee6.exe
- <SYSTEM32>\f3e8edff.exe
- <SYSTEM32>\7c60cc1e.exe
- <SYSTEM32>\68cff5fe.exe
- <SYSTEM32>\33ef87f5.exe
- <SYSTEM32>\dC0C77cd.exe
- <SYSTEM32>\dff3dCea.exe
- <SYSTEM32>\e88e83ec.exe
- <SYSTEM32>\33c0da7e.exe
- <SYSTEM32>\c6eeaC1e.exe
- <SYSTEM32>\308dd3ff.exe
- <SYSTEM32>\77e37dcc.exe
- <SYSTEM32>\8fe780fa.exe
- <SYSTEM32>\c7660eC3.exe
- <SYSTEM32>\f06C76cf.exe
- <SYSTEM32>\dc681383.exe
- <SYSTEM32>\6af617c3.exe
- <SYSTEM32>\d7df6e8c.exe
- <SYSTEM32>\e7cde8ee.exe
- <SYSTEM32>\7f0dc68a.exe
- <SYSTEM32>\Cec76a7f.exe
- <SYSTEM32>\eede7ff8.exe
- <SYSTEM32>\8C1dfe6c.exe
- <SYSTEM32>\7eff870d.exe
- <SYSTEM32>\C0f7fe67.exe
- <SYSTEM32>\3ffd3735.exe
- <SYSTEM32>\7c867fdf.exe
- <SYSTEM32>\df766fc8.exe
- <SYSTEM32>\1e37ac1e.exe
- <SYSTEM32>\8a7f6c17.exe
- <SYSTEM32>\d8cdddfa.exe
- <SYSTEM32>\6a76df5f.exe
- <Current directory>\x1nject [safe].exe
- <Current directory>\server.exe
- <Current directory>\perx!.exe
- <Current directory>\x1nject [server].exe
- <SYSTEM32>\feeafdcd.exe
- <SYSTEM32>\cc7c30ff.exe
- <SYSTEM32>\83fa68d6.exe
- <SYSTEM32>\56d7a777.exe
- <SYSTEM32>\7d6fd305.exe
- <SYSTEM32>\337767dc.exe
- <SYSTEM32>\1ea66ccc.exe
- <SYSTEM32>\863f61e3.exe
- <SYSTEM32>\ddfCe773.exe
- <SYSTEM32>\3635dd7f.exe
- <SYSTEM32>\778dfe3c.exe
- <SYSTEM32>\e3acccc8.exe
- <SYSTEM32>\fc75c3f7.exe
- <SYSTEM32>\ded7e6e5.exe
- <SYSTEM32>\f0c7adea.exe
- <SYSTEM32>\dc65C818.exe
- <SYSTEM32>\66cdfd7e.exe
- <SYSTEM32>\dc5dff73.exe
- %TEMP%\~DFE44A.tmp
- %TEMP%\~DF1033.tmp
- %TEMP%\~DF56F2.tmp
- %TEMP%\~DF9C08.tmp
- %TEMP%\~DF3302.tmp
- %TEMP%\~DFCF9.tmp
- %TEMP%\~DF76ED.tmp
- %TEMP%\~DF5B33.tmp
- %TEMP%\~DFA285.tmp
- %TEMP%\~DFC545.tmp
- %TEMP%\~DF2C28.tmp
- %TEMP%\~DF7AFA.tmp
- %TEMP%\~DFC1C9.tmp
- %TEMP%\~DFE7D0.tmp
- %TEMP%\~DFE556.tmp
- %TEMP%\~DFAE9.tmp
- %TEMP%\~DF4FE7.tmp
- %TEMP%\~DF9EF9.tmp
- %TEMP%\~DF897.tmp
- %TEMP%\~DF352B.tmp
- %TEMP%\~DF7B14.tmp
- %TEMP%\~DF5298.tmp
- %TEMP%\~DF9ACF.tmp
- %TEMP%\~DFC6F6.tmp
- %TEMP%\~DF2FD1.tmp
- %TEMP%\~DF7DA9.tmp
- %TEMP%\~DFC179.tmp
- %TEMP%\~DFE71D.tmp
- %TEMP%\~DFF486.tmp
- %TEMP%\~DF1B41.tmp
- %TEMP%\~DF61BC.tmp
- %TEMP%\~DFAC13.tmp
- %TEMP%\~DF16DE.tmp
- %TEMP%\~DF41DF.tmp
- %TEMP%\~DF89A8.tmp
- %TEMP%\~DF659A.tmp
- %TEMP%\~DFD7DB.tmp
- %TEMP%\~DF4630.tmp
- %TEMP%\~DF3FE2.tmp
- %TEMP%\~DF8BD5.tmp
- %TEMP%\~DFD529.tmp
- %TEMP%\~DFF733.tmp
- %TEMP%\~DFF3B6.tmp
- %TEMP%\~DFF71.tmp
- %TEMP%\~DF5E63.tmp
- %TEMP%\~DFA569.tmp
- %TEMP%\~DFC97.tmp
- %TEMP%\~DF2EA6.tmp
- %TEMP%\~DF7E0A.tmp
- %TEMP%\~DF6123.tmp
- %TEMP%\~DFA8BD.tmp
- %TEMP%\~DFCB8A.tmp
- %TEMP%\~DF3F03.tmp
- %TEMP%\~DF802F.tmp
- %TEMP%\~DFC845.tmp
- %TEMP%\~DFF6D9.tmp
- %TEMP%\~DFD26C.tmp
- %TEMP%\~DFF3DA.tmp
- %TEMP%\~DF3F8B.tmp
- %TEMP%\~DF89F5.tmp
- %TEMP%\~DFF0C2.tmp
- %TEMP%\~DF1F3B.tmp
- %TEMP%\~DF6699.tmp
- %TEMP%\~DF43BA.tmp
- %TEMP%\~DF8B33.tmp
- %TEMP%\~DFB7B4.tmp
- %TEMP%\~DF1E14.tmp
- %TEMP%\~DF6976.tmp
- %TEMP%\~DFB446.tmp
- %TEMP%\~DFD5B3.tmp
- %TEMP%\~DFD305.tmp
- %TEMP%\~DF940.tmp
- %TEMP%\~DF3D47.tmp
- %TEMP%\~DF8006.tmp
- %TEMP%\nsi2.tmp\System.dll
- %TEMP%\nss4.tmp\System.dll
- %TEMP%\~DF60F4.tmp
- %TEMP%\~DF1A73.tmp
- %TEMP%\~DF847C.tmp
- %TEMP%\~DFABB7.tmp
- %TEMP%\~DF40D2.tmp
- %TEMP%\~DF64E9.tmp
- %TEMP%\~DFA794.tmp
- %TEMP%\~DFD8CC.tmp
- %TEMP%\~DFE7C0.tmp
- %TEMP%\~DF98B.tmp
- %TEMP%\~DF51F8.tmp
- %TEMP%\~DF9BA4.tmp
- %TEMP%\~DF65A.tmp
- %TEMP%\~DF291E.tmp
- %TEMP%\~DF72E6.tmp
- %TEMP%\~DF5428.tmp
- %TEMP%\~DF9D26.tmp
- %TEMP%\~DFBF35.tmp
- %TEMP%\~DF305E.tmp
- %TEMP%\~DF77BC.tmp
- %TEMP%\~DFBC8A.tmp
- %TEMP%\~DFEA7B.tmp
- %TEMP%\~DFD6B3.tmp
- %TEMP%\~DF15C.tmp
- %TEMP%\~DF4C0C.tmp
- %TEMP%\~DF8DCC.tmp
- %TEMP%\~DFFF19.tmp
- %TEMP%\~DF2184.tmp
- %TEMP%\~DF6AE9.tmp
- %TEMP%\~DF4F21.tmp
- %TEMP%\~DF988B.tmp
- %TEMP%\~DFBA93.tmp
- %TEMP%\~DF2682.tmp
- %TEMP%\~DF6E26.tmp
- %TEMP%\~DFB83D.tmp
- %TEMP%\~DFDA95.tmp
- 'localhost':1112
- 'localhost':1110
- 'localhost':1108
- 'localhost':1114
- 'localhost':1120
- 'localhost':1118
- 'localhost':1116
- 'localhost':1098
- 'localhost':1096
- 'localhost':1094
- 'localhost':1100
- 'localhost':1106
- 'localhost':1104
- 'localhost':1102
- 'localhost':1140
- 'localhost':1138
- 'localhost':1136
- 'localhost':1142
- 'localhost':1148
- 'localhost':1146
- 'localhost':1144
- 'localhost':1126
- 'localhost':1124
- 'localhost':1122
- 'localhost':1128
- 'localhost':1134
- 'localhost':1132
- 'localhost':1130
- 'localhost':1092
- 'localhost':1054
- 'localhost':1052
- 'localhost':1050
- 'localhost':1056
- 'localhost':1062
- 'localhost':1060
- 'localhost':1058
- 'localhost':1040
- 'localhost':1038
- 'bl##.naver.com':80
- 'localhost':1042
- 'localhost':1048
- 'localhost':1046
- 'localhost':1044
- 'localhost':1082
- 'localhost':1080
- 'localhost':1078
- 'localhost':1084
- 'localhost':1090
- 'localhost':1088
- 'localhost':1086
- 'localhost':1068
- 'localhost':1066
- 'localhost':1064
- 'localhost':1070
- 'localhost':1076
- 'localhost':1074
- 'localhost':1072
- bl##.naver.com/PostView.nhn?bl################################################################################################################################################################################################
- DNS ASK bl##.naver.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '18467-41' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''