Code : Tj0jxYfWghMwHKFTWmwrfZPqaPTIai5UIj/oOz+xjqc=

프로그램분석

Code : Tj0jxYfWghMwHKFTWmwrfZPqaPTIai5UIj/oOz+xjqc=

프로세스 천국 2013. 9. 15. 14:02

[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
[00-PROCESS]**AvastAD -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AvastAD\AvastAD.exe
[00-PROCESS]**AvastEmUpdate -/- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[00-PROCESS]**AvastSvc -/- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
[00-PROCESS]**avastUI -/- C:\Program Files\AVAST Software\Avast\avastUI.exe
[00-PROCESS]**chrome -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**conime -/- C:\WINDOWS\system32\conime.exe
[00-PROCESS]**daemonu -/- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**Explorer -/- C:\WINDOWS\Explorer.EXE
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**GoogleUpdate -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GrooveAuditService -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**IMKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE
[00-PROCESS]**infocard -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**jqs -/- C:\Program Files\Java\jre7\bin\jqs.exe
[00-PROCESS]**jusched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[00-PROCESS]**KiesPDLR -/- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
[00-PROCESS]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[00-PROCESS]**LEXBCES -/- C:\WINDOWS\system32\LEXBCES.EXE
[00-PROCESS]**LEXPPS -/- C:\WINDOWS\system32\LEXPPS.EXE
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**NeroCheck -/- C:\WINDOWS\system32\NeroCheck.exe
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[00-PROCESS]**npkcsvc -/- C:\WINDOWS\system32\npkcsvc.exe
[00-PROCESS]**npkfxsvc -/- C:\WINDOWS\system32\npkfxsvc.exe
[00-PROCESS]**nvsvc32 -/- C:\WINDOWS\system32\nvsvc32.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**PresentationFontCache -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**rads_user_kernel -/- C:\Riot Games\League of Legends KR\RADS\system\rads_user_kernel.exe
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**RTHDCPL -/- C:\WINDOWS\RTHDCPL.EXE
[00-PROCESS]**RUNDLL32 -/- C:\WINDOWS\system32\RUNDLL32.EXE
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smpsvc -/- C:\Program Files\smartmanager\smpsvc.exe
[00-PROCESS]**smpsvt -/- C:\Program Files\smartmanager\smpsvt.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**taskmgr -/- C:\WINDOWS\system32\taskmgr.exe
[00-PROCESS]**TBPanel -/- C:\Program Files\Vtune\TBPanel.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**tlntsvr -/- C:\WINDOWS\system32\tlntsvr.exe
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**wgasetup -/- C:\WINDOWS\system32\KB905474\wgasetup.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**wismsvc -/- C:\Program Files\Windows WIS\wismsvc.exe
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00-PROCESS]**WPFFontCache_v0400 -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
[00-PROCESS]**wuauclt -/- C:\WINDOWS\system32\wuauclt.exe
[01-HKCUREG]**avast -/- C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui
[01-HKCUREG]**AvastAD -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AvastAD\AvastAD.exe
[01-HKCUREG]**Gainward -/- C:\Program Files\Vtune\TBPanel.exe /A
[01-HKCUREG]**Google Update -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**KernelFaultCheck -/- C:\WINDOWS\system32\dumprep 0 -k
[01-HKCUREG]**KiesAirMessage -/- C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
[01-HKCUREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[01-HKCUREG]**NeroFilterCheck -/- C:\WINDOWS\system32\NeroCheck.exe
[01-HKCUREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[01-HKCUREG]**NvMediaCenter -/- RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dllNvTaskbarInit
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**RTHDCPL -/- RTHDCPL.EXE
[01-HKCUREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[01-HKCUREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[02-HKLMREG]**avast -/- C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui
[02-HKLMREG]**AvastAD -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AvastAD\AvastAD.exe
[02-HKLMREG]**Gainward -/- C:\Program Files\Vtune\TBPanel.exe /A
[02-HKLMREG]**Google Update -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**KernelFaultCheck -/- C:\WINDOWS\system32\dumprep 0 -k
[02-HKLMREG]**KiesAirMessage -/- C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
[02-HKLMREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[02-HKLMREG]**NeroFilterCheck -/- C:\WINDOWS\system32\NeroCheck.exe
[02-HKLMREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[02-HKLMREG]**NvMediaCenter -/- RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dllNvTaskbarInit
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**RTHDCPL -/- RTHDCPL.EXE
[02-HKLMREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[02-HKLMREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[03-BHOCLSD]**avast! Online Security -/- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll -/- {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
[03-BHOCLSD]**Groove GFS Browser Helper -/- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll -/- {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
[03-BHOCLSD]**Java(tm) Plug-In 2 SSV Helper -/- C:\Program Files\Java\jre7\bin\jp2ssv.dll -/- {DBC80044-A445-435b-BC74-9C25C1C588A9}
[03-BHOCLSD]**Java(tm) Plug-In SSV Helper -/- C:\Program Files\Java\jre7\bin\ssv.dll -/- {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
[03-BHOCLSD]**N.A -/- N.A -/- {2F40ECDC-6F7B-4CF3-B1D0-ED8845084912}
[04-TOOLBAR]**avast! Online Security -/- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll -/- {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
[05-SERVICE]**adflying -/- adflying -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\adflying\adflying.dll
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**avast! Antivirus -/- avast! Antivirus -/- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
[05-SERVICE]**azoozazooz -/- azoozazooz -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\azoozazooz\azoozazooz.dll
[05-SERVICE]**chief2004 -/- chief2004 -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\chief2004\chief2004.dll
[05-SERVICE]**clr_optimization_v2.5.20118_86 -/- Microsoft .NET Framework NGEN v2.5.20118_X86 -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\mscosw.dll
[05-SERVICE]**empezar -/- empezar -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\empezar\empezar.dll
[05-SERVICE]**Ez2pop -/- Windows Ez2pop -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Ez2pop\Ez2pop.exe
[05-SERVICE]**jammusi -/- jammusi -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\jammusi\jammusi.dll
[05-SERVICE]**JavaQuickStarterService -/- Java Quick Starter -/- C:\Program Files\Java\jre7\bin\jqs.exe -service -config C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf
[05-SERVICE]**LexBceS -/- LexBce Server -/- C:\WINDOWS\system32\LEXBCES.EXE
[05-SERVICE]**mattdisaster -/- mattdisaster -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\mattdisaster\mattdisaster.dll
[05-SERVICE]**maverick786us -/- maverick786us -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\maverick786us\maverick786us.dll
[05-SERVICE]**Microsoft Office Groove Audit Service -/- Microsoft Office Groove Audit Service -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**newkreation -/- newkreation -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\newkreation\newkreation.dll
[05-SERVICE]**npggsvc -/- nProtect GameGuard Service -/- C:\WINDOWS\system32\GameMon.des -service
[05-SERVICE]**npkcmsvc -/- npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[05-SERVICE]**npkcsvc -/- npkcsvc -/- C:\WINDOWS\system32\npkcsvc.exe
[05-SERVICE]**npkfxsvc -/- npkfxsvc -/- C:\WINDOWS\system32\npkfxsvc.exe
[05-SERVICE]**NVSvc -/- NVIDIA Driver Helper Service -/- C:\WINDOWS\system32\nvsvc32.exe
[05-SERVICE]**nvUpdatusService -/- NVIDIA Update Service Daemon -/- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**Owfudyc -/- Tucenuqel -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\Gonedo.dll
[05-SERVICE]**pauldiston -/- pauldiston -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\pauldiston\pauldiston.dll
[05-SERVICE]**pixeylily -/- pixeylily -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\pixeylily\pixeylily.dll
[05-SERVICE]**pomflain -/- pomflain -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\pomflain\pomflain.dll
[05-SERVICE]**Qiwefoyvv -/- Vowehebe -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\Ymgify.dll
[05-SERVICE]**raghav1544 -/- raghav1544 -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\raghav1544\raghav1544.dll
[05-SERVICE]**rajkumar -/- rajkumar -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\rajkumar\rajkumar.dll
[05-SERVICE]**rebeccak1 -/- rebeccak1 -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\rebeccak1\rebeccak1.dll
[05-SERVICE]**rickeytom -/- rickeytom -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\rickeytom\rickeytom.dll
[05-SERVICE]**Rinuhec -/- Fyweebbe -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\Ezjeemepwui.dll
[05-SERVICE]**robwenstrand -/- robwenstrand -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\robwenstrand\robwenstrand.dll
[05-SERVICE]**scotthill -/- scotthill -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\scotthill\scotthill.dll
[05-SERVICE]**Service Web Update_WEB -/- Service Web Update System WEB_20100411 -/- C:\Program Files\Common Files\Microsoft Shared\VC\WEB\WebUpdate.exe
[05-SERVICE]**smpsvc32 -/- Windows Smart Pack Service -/- C:\Program Files\smartmanager\smpsvc.exe
[05-SERVICE]**Sofaudvej -/- Cuyzzujole -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\Agmequnuj.dll
[05-SERVICE]**stevewellens -/- stevewellens -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\stevewellens\stevewellens.dll
[05-SERVICE]**stormudder -/- stormudder -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\stormudder\stormudder.dll
[05-SERVICE]**superrock -/- superrock -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\superrock\superrock.dll
[05-SERVICE]**swclarke -/- swclarke -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\swclarke\swclarke.dll
[05-SERVICE]**TCCheckAgent -/- TCCheckAgent -/- C:\Program Files\AdvTopC\TCCheckAgent.exe
[05-SERVICE]**timthelion -/- timthelion -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\timthelion\timthelion.dll
[05-SERVICE]**usprserv -/- User Privilege Service -/- C:\WINDOWS\System32\svchost.exe
[05-SERVICE]**WindowsDriver -/- WindowsDriver -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\WindowsDriver.dll
[05-SERVICE]**wismsvc32 -/- Windows WIS Manager Service -/- C:\Program Files\Windows WIS\wismsvc.exe
[05-SERVICE]**WPFFontCache_v0400 -/- Windows Presentation Foundation Font Cache 4.0.0.0 -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
[05-SERVICE]**Xekita -/- Gyysjupu -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\Fiefegxoniq.dll
[05-SERVICE]**yathosho -/- yathosho -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\yathosho\yathosho.dll
[05-SERVICE]**zhenghongli -/- zhenghongli -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\zhenghongli\zhenghongli.dll