Code : 8NUpagGZA7Ml3qWLWc3Ks8m4KRxbxFBAIl87lMldWCk=

프로그램분석

Code : 8NUpagGZA7Ml3qWLWc3Ks8m4KRxbxFBAIl87lMldWCk=

프로세스 천국 2013. 12. 2. 10:19

[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[00-PROCESS]**AYLaunch -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**conime -/- C:\WINDOWS\system32\conime.exe
[00-PROCESS]**ctfmon -/- C:\WINDOWS\system32\ctfmon.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**explorer -/- C:\WINDOWS\explorer.exe
[00-PROCESS]**ez-PlusSC -/- C:\Program Files\Common Files\EZ-Plus\ez-PlusSC.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**hkcmd -/- C:\WINDOWS\system32\hkcmd.exe
[00-PROCESS]**HncChecker -/- C:\Program Files\Hnc\HncUtils\HncChecker.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**igfxpers -/- C:\WINDOWS\system32\igfxpers.exe
[00-PROCESS]**igfxtray -/- C:\WINDOWS\system32\igfxtray.exe
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**IMKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE
[00-PROCESS]**infocard -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**innosvc -/- C:\WINDOWS\system32\innosvc.exe
[00-PROCESS]**innosvc7 -/- C:\WINDOWS\system32\innosvc7.exe
[00-PROCESS]**innosvc-tving -/- C:\Program Files\INNORIX\common\innosvc-tving.exe
[00-PROCESS]**KMPProcess -/- C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
[00-PROCESS]**KMPService -/- C:\Program Files\PANDORA.TV\PanService\KMPService.exe
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**NaverAdminAPISvc -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**NMain -/- C:\Program Files\NLIA\NMain.exe
[00-PROCESS]**npesvc -/- C:\Program Files\nProtect\nProtect Online Security\npesvc.exe
[00-PROCESS]**npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[00-PROCESS]**npkfxsvc -/- C:\WINDOWS\system32\npkfxsvc.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**PC-CleanV -/- C:\Program Files\PC-CleanV\PC-CleanV.exe
[00-PROCESS]**PresentationFontCache -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**regedit -/- C:\WINDOWS\regedit.exe
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**win_aplussvc -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows aplus\win_aplussvc.exe
[00-PROCESS]**win_applussvc -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows applus\win_applussvc.exe
[00-PROCESS]**WinKeyword -/- C:\Program Files\KoreanKeyword\WinKeyword.exe
[00-PROCESS]**WinKeyword_Up -/- C:\Program Files\KoreanKeyword\WinKeyword_Up.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**winnetplus -/- C:\Program Files\FileNori\winnetplus.exe
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00-PROCESS]**WMPNetwk -/- C:\Program Files\Windows Media Player\WMPNetwk.exe
[00-PROCESS]**zwsis -/- C:\Documents and Settings\Administrator\Application Data\zwsis\zwsis.exe
[00-PROCESS]**zwsisv -/- C:\Documents and Settings\Administrator\Application Data\zwsis\zwsisv.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**DAEMON Tools Lite -/- C:\Program Files\DAEMON Tools Lite\DaemonUpdate.exe
[01-HKCUREG]**HncUpdate -/- C:\Program Files\Hnc\HncUtils\HncChecker.exe
[01-HKCUREG]**HotKeysCmds -/- C:\WINDOWS\system32\hkcmd.exe
[01-HKCUREG]**IgfxTray -/- C:\WINDOWS\system32\igfxtray.exe
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[01-HKCUREG]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe /autorun
[01-HKCUREG]**NCG -/- C:\Program Files\NCG\NetsyncContentGuard.exe
[01-HKCUREG]**NLIA -/- C:\Program Files\NLIA\NMain.exe
[01-HKCUREG]**NOSPELL_UC -/- C:\Program Files\nospell\nospell_uc.exe /run
[01-HKCUREG]**PC-CleanV -/- C:\Program Files\PC-CleanV\PC-CleanV.exe /h
[01-HKCUREG]**Persistence -/- C:\WINDOWS\system32\igfxpers.exe
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**RTHDCPL -/- RTHDCPL.EXE
[01-HKCUREG]**SSI -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\SSI\SSI.exe /byboot
[01-HKCUREG]**SSIagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\SSI\SSIagent.exe
[01-HKCUREG]**WinKeyword -/- C:\Program Files\KoreanKeyword\WinKeyword.exe
[01-HKCUREG]**WinKeyword_Up -/- C:\Program Files\KoreanKeyword\WinKeyword_Up.exe
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**DAEMON Tools Lite -/- C:\Program Files\DAEMON Tools Lite\DaemonUpdate.exe
[02-HKLMREG]**HncUpdate -/- C:\Program Files\Hnc\HncUtils\HncChecker.exe
[02-HKLMREG]**HotKeysCmds -/- C:\WINDOWS\system32\hkcmd.exe
[02-HKLMREG]**IgfxTray -/- C:\WINDOWS\system32\igfxtray.exe
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[02-HKLMREG]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe /autorun
[02-HKLMREG]**NCG -/- C:\Program Files\NCG\NetsyncContentGuard.exe
[02-HKLMREG]**NLIA -/- C:\Program Files\NLIA\NMain.exe
[02-HKLMREG]**NOSPELL_UC -/- C:\Program Files\nospell\nospell_uc.exe /run
[02-HKLMREG]**PC-CleanV -/- C:\Program Files\PC-CleanV\PC-CleanV.exe /h
[02-HKLMREG]**Persistence -/- C:\WINDOWS\system32\igfxpers.exe
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**RTHDCPL -/- RTHDCPL.EXE
[02-HKLMREG]**SSI -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\SSI\SSI.exe /byboot
[02-HKLMREG]**SSIagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\SSI\SSIagent.exe
[02-HKLMREG]**WinKeyword -/- C:\Program Files\KoreanKeyword\WinKeyword.exe
[02-HKLMREG]**WinKeyword_Up -/- C:\Program Files\KoreanKeyword\WinKeyword_Up.exe
[03-BHOCLSD]**NLEA Resolver -/- C:\Program Files\NLIA\NLEAR.dll -/- {5D756149-6CE5-4BA3-86EF-B331CD90F11F}
[03-BHOCLSD]**NLIA Resolver -/- C:\Program Files\NLIA\NLIAR.dll -/- {F6E8885E-D85A-432E-9978-40CB4ED6212A}
[03-BHOCLSD]**네이버 툴바 도우미 -/- C:\Program Files\naver\NaverToolbar\NaverTB_4_0_22_266.dll -/- {67C41E9E-2EBF-4F2B-AF74-314F0D793172}
[03-BHOCLSD]**이지플러스(ez-Plus)_ezPlusbho -/- C:\Program Files\Common Files\EZ-Plus\ez-Plus.dll -/- {1F810C3E-B96E-400d-A8CB-B822620AC3BE}
[04-TOOLBAR]**네이버 툴바 -/- C:\Program Files\naver\NaverToolbar\NaverTB_4_0_22_266.dll -/- {D09CFF09-A42A-4EDC-9804-E61224F59CA1}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**ALYac_RTSrv -/- ALYac RealTime Service -/- C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
[05-SERVICE]**ALYac_UpdSrv -/- ALYac Update Service -/- C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
[05-SERVICE]**ezLink -/- Windows Favorites ezLink -/- C:\Program Files\Common Files\Windows Favorites\ezLink_svc.exe
[05-SERVICE]**ez-Plus -/- Windows ez-Plus V.1.1 -/- C:\Program Files\Common Files\EZ-Plus\ez-PlusSC.exe
[05-SERVICE]**Innosvc -/- Innosvc -/- C:\WINDOWS\system32\innosvc.exe
[05-SERVICE]**Innosvc7 -/- Innosvc7 -/- C:\WINDOWS\system32\innosvc7.exe
[05-SERVICE]**Innosvc-tving -/- Innosvc-tving -/- C:\Program Files\INNORIX\common\innosvc-tving.exe
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**Naver Updater -/- Naver Updater -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[05-SERVICE]**npkcmsvc -/- npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[05-SERVICE]**npkfxsvc -/- npkfxsvc -/- C:\WINDOWS\system32\npkfxsvc.exe
[05-SERVICE]**nProtect Online Security Service -/- nProtect Online Security Service -/- C:\Program Files\nProtect\nProtect Online Security\npesvc.exe
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**PanService -/- PandoraService -/- C:\Program Files\PANDORA.TV\PanService\KMPService.exe
[05-SERVICE]**Windows aplus -/- Windows aplus -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows aplus\win_aplussvc.exe
[05-SERVICE]**Windows applus -/- Windows applus -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows applus\win_applussvc.exe
[05-SERVICE]**WinnetPlusService -/- WinnetPlusService -/- C:\Program Files\FileNori\winnetplus.exe
[05-SERVICE]**zwsisv -/- SubShop -/- C:\Documents and Settings\Administrator\Application Data\zwsis\zwsisv.exe