Program Analysis

Code : Pa6KMLJAl+WftUbbLnMLYthpHcBP53VJ

Process Heaven 2013. 7. 12. 21:30

[00-PROCESS]**AdobeARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[00-PROCESS]**armsvc -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**hkcmd -/- C:\Windows\system32\hkcmd.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**igfxpers -/- C:\Windows\system32\igfxpers.exe
[00-PROCESS]**igfxtray -/- C:\Windows\system32\igfxtray.exe
[00-PROCESS]**IMEDICTUPDATE -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
[00-PROCESS]**IMEKLMG -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**IntelCpHeciSvc -/- C:\Windows\system32\IntelCpHeciSvc.exe
[00-PROCESS]**IProsetMonitor -/- C:\Windows\system32\IProsetMonitor.exe
[00-PROCESS]**ispex -/- C:\Program Files\ISPSvc\ispex.exe
[00-PROCESS]**ispmgr -/- C:\Program Files\ISPSvc\ispmgr.exe
[00-PROCESS]**ispnk -/- C:\Program Files\ISPSvc\ispnk.exe
[00-PROCESS]**ispsrv -/- C:\Program Files\ISPSvc\ispsrv.exe
[00-PROCESS]**KakaoTalk -/- C:\Program Files\Kakao\KakaoTalk\KakaoTalk.exe
[00-PROCESS]**napctr -/- C:\Program Files\ISPSvc\napctr.exe
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**OSPPSVC -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**RAVCpl64 -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
[00-PROCESS]**Shailesh -/- C:\Users\Administrator\AppData\Roaming\Shailesh\Shailesh.exe
[00-PROCESS]**ShaileshSvr -/- C:\Users\Administrator\AppData\Roaming\Shailesh\ShaileshSvr.exe
[00-PROCESS]**V3LSvc -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[00-PROCESS]**V3LTray -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe
[00-PROCESS]**WatAdminSvc -/- C:\Windows\system32\Wat\WatAdminSvc.exe
[00-PROCESS]**winpop -/- C:\Users\Administrator\AppData\Roaming\Shailesh\winpop.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[01-HKCUREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[01-HKCUREG]**IgfxTray -/- C:\Windows\system32\igfxtray.exe
[01-HKCUREG]**IME14 KOR Setup -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /KOR /Log
[01-HKCUREG]**ISPSvcStart -/- C:\Program Files\ISPSvc\ispmgr.exe
[01-HKCUREG]**KakaoTalk -/- C:\Program Files\Kakao\KakaoTalk\KakaoTalk.exe
[01-HKCUREG]**Persistence -/- C:\Windows\system32\igfxpers.exe
[01-HKCUREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[02-HKLMREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[02-HKLMREG]**IgfxTray -/- C:\Windows\system32\igfxtray.exe
[02-HKLMREG]**IME14 KOR Setup -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /KOR /Log
[02-HKLMREG]**ISPSvcStart -/- C:\Program Files\ISPSvc\ispmgr.exe
[02-HKLMREG]**KakaoTalk -/- C:\Program Files\Kakao\KakaoTalk\KakaoTalk.exe
[02-HKLMREG]**Persistence -/- C:\Windows\system32\igfxpers.exe
[02-HKLMREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[03-BHOCLSD]**N.A -/- N.A -/- {32D75746-5A7C-486C-938A-67260B2E3982}
[03-BHOCLSD]**Office Document Cache Handler -/- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL -/- {B4F3A835-0E21-4959-BA22-42B3008E02FF}
[03-BHOCLSD]**Office Document Cache Handler -/- C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL -/- {B4F3A835-0E21-4959-BA22-42B3008E02FF}
[03-BHOCLSD]**멀티다운헬퍼 -/- C:\Users\Administrator\AppData\Roaming\MultiDownload\MultiDownHelper.dll -/- {5687C4A8-C0CA-41f7-A54A-8AF7844A2062}
[04-TOOLBAR]**잠김영역복사 -/- C:\Program Files\Racl\RaclTB.dll -/- {BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}
[05-SERVICE]**AdobeARMservice -/- Adobe Acrobat Update Service -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**cphs -/- Intel(R) Content Protection HECI Service -/- C:\Windows\system32\IntelCpHeciSvc.exe
[05-SERVICE]**FontCache -/- Windows Font Cache Service -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\FntCache.dll
[05-SERVICE]**GCRunS -/- GCodec Service -/- C:\Users\Administrator\AppData\Roaming\GCodec\Gcodecsvc.exe
[05-SERVICE]**gpsvc -/- Group Policy Client -/- C:\Windows\system32\svchost.exe -/- C:\Windows\System32\gpsvc.dll
[05-SERVICE]**gupdate -/- Google 업데이트 서비스 (gupdate) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- Google 업데이트 서비스 (gupdatem) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**ImeDictUpdateService -/- Microsoft IME Dictionary Update -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
[05-SERVICE]**Intel(R) PROSet Monitoring Service -/- Intel(R) PROSet Monitoring Service -/- C:\Windows\system32\IProsetMonitor.exe
[05-SERVICE]**Internet Security ISPsvrAuthService -/- Internet Security ISPSvr Authorization Service -/- C:\Program Files\ISPSvc\ispsrv.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[05-SERVICE]**ose64 -/- Office 64 Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**osppsvc -/- Office Software Protection Platform -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**RunS -/- MultidownLoad Service -/- C:\Users\Administrator\AppData\Roaming\MULTID~1\MultiDownLoadSvc.exe
[05-SERVICE]**ShaileshSvr -/- SubShop -/- C:\Users\Administrator\AppData\Roaming\Shailesh\ShaileshSvr.exe
[05-SERVICE]**V3 Lite Service -/- V3 Lite Service -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe