Code : 25l/dVzb/QorNPSMLg3Kw1SHMiMVrweftEC/M3qPs4M=

프로그램분석

Code : 25l/dVzb/QorNPSMLg3Kw1SHMiMVrweftEC/M3qPs4M=

프로세스 천국 2013. 4. 1. 15:55

[00-PROCESS]**AdobeARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[00-PROCESS]**armsvc -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[00-PROCESS]**auction -/- C:\Users\Administrator\AppData\Local\Auction\auction.exe
[00-PROCESS]**barosvc -/- C:\Program Files\barocn\barosvc.exe
[00-PROCESS]**BonUpdate -/- C:\Program Files\BonDisk.com\BonDisk(normal)\BonUpdate.exe
[00-PROCESS]**catroot -/- C:\WINDOWS\system32\AppCompat\catroot\catroot.exe
[00-PROCESS]**catrootsz -/- C:\WINDOWS\system32\AppCompat\catroot\catrootsz.exe
[00-PROCESS]**ccSvcHst -/- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
[00-PROCESS]**cmd -/- C:\windows\system32\cmd.exe
[00-PROCESS]**cnbasvc -/- C:\Program Files\cnbarod\cnbasvc.exe
[00-PROCESS]**cnhost -/- C:\windows\system32\cnhost.exe
[00-PROCESS]**FBDSvcMan -/- C:\Users\Administrator\AppData\Roaming\SpeedDownload\FBDSvcMan.exe
[00-PROCESS]**FsUsbExService -/- C:\windows\system32\FsUsbExService.Exe
[00-PROCESS]**GoogleToolbarUser_32 -/- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GoogleUpdaterService -/- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[00-PROCESS]**GrooveAuditService -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[00-PROCESS]**HelpPanl -/- C:\windows\system32\HelpPanl.exe
[00-PROCESS]**ie_signkey -/- C:\Users\Administrator\AppData\Local\signkey\ie_signkey.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**ImageSAFERSvc -/- C:\windows\ImageSAFERSvc.exe
[00-PROCESS]**infocontroluser -/- C:\windows\infocontroluser.exe
[00-PROCESS]**LMS -/- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[00-PROCESS]**metablogagent -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
[00-PROCESS]**MetablogNewIssues -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe
[00-PROCESS]**MicrowindowSearch -/- C:\WINDOWS\system32\MicrowindowSearch\MicrowindowSearch.exe
[00-PROCESS]**mxwho -/- C:\Users\Administrator\AppData\Roaming\Microsoft\mxwho\mxwho.exe
[00-PROCESS]**mxwho -/- C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\mxwho\mxwho.exe
[00-PROCESS]**natsvc -/- C:\Program Files\NAT Service\natsvc.exe
[00-PROCESS]**NaverAdminAPISvc -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[00-PROCESS]**NetAccelerator -/- C:\Program Files\BonDisk.com\Bondisk(normal)\NetAccelerator.exe
[00-PROCESS]**NetMWin -/- C:\Program Files\NetMWin\NetMWin.exe
[00-PROCESS]**nmnewmgr -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\nmnewmgr.exe
[00-PROCESS]**nmnewup -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\nmnewup.exe
[00-PROCESS]**npkcmsvc -/- C:\windows\system32\npkcmsvc.exe
[00-PROCESS]**npkfxsvc -/- C:\windows\system32\npkfxsvc.exe
[00-PROCESS]**nvvsvc -/- C:\windows\system32\nvvsvc.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**optimaspeedsvc -/- C:\Program Files\optimaspeed\optimaspeedsvc.exe
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**popmulticare -/- C:\ProgramData\Microsoft\popmulticare\popmulticare.exe
[00-PROCESS]**RaclSvc -/- C:\Program Files\Racl\RaclSvc.exe
[00-PROCESS]**RichVideo -/- C:\Program Files\CyberLink\Shared files\RichVideo.exe
[00-PROCESS]**rundll32 -/- C:\windows\system32\rundll32.exe
[00-PROCESS]**sgsvc -/- C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe
[00-PROCESS]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[00-PROCESS]**SmartWD -/- C:\Program Files\smartw\SmartWD.exe
[00-PROCESS]**SmartWS -/- C:\Program Files\smartw\SmartWS.exe
[00-PROCESS]**SUPDSvc -/- C:\windows\System32\SUPDSvc.exe
[00-PROCESS]**svcwin -/- C:\windows\System32\svcwin.exe
[00-PROCESS]**taskmgr -/- C:\windows\system32\taskmgr.exe
[00-PROCESS]**UNS -/- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
[00-PROCESS]**upmxwho -/- C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\mxwho\upmxwho.exe
[00-PROCESS]**userinforesetupdate -/- C:\windows\userinforesetupdate.exe
[00-PROCESS]**UtilZone -/- C:\Program Files\UtilZone\UtilZone.exe
[00-PROCESS]**WatAdminSvc -/- C:\windows\system32\Wat\WatAdminSvc.exe
[00-PROCESS]**wdrwzsvc -/- C:\windows\System32\wdrwzsvc.exe
[00-PROCESS]**windopt -/- C:\Program Files\windviewer\windopt.exe
[00-PROCESS]**WindowServiceNT -/- C:\WINDOWS\system32\WindowServiceNT.exe
[00-PROCESS]**windowstab -/- C:\ProgramData\WindowsTab\windowstab.exe
[00-PROCESS]**windowstabup -/- C:\ProgramData\WindowsTab\windowstabup.exe
[00-PROCESS]**windviewer -/- C:\Program Files\windviewer\windviewer.exe
[00-PROCESS]**windvieweragent -/- C:\Program Files\windviewer\windvieweragent.exe
[00-PROCESS]**winggou -/- C:\Users\Administrator\AppData\Roaming\WingGo\winggou.exe
[00-PROCESS]**winst -/- C:\Users\Administrator\AppData\Roaming\winsigntool\winst.exe
[00-PROCESS]**wlcrasvc -/- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
[00-PROCESS]**WLIDSVC -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[00-PROCESS]**WLIDSvcM -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**37C4833D -/- C:\windows\37C4833D\svchsot.exe
[01-HKCUREG]**9EDB3B9E -/- C:\windows\9EDB3B9E\svchsot.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**Adv_TopC -/- C:\Program Files\AdvTopC\TCSearch.exe
[01-HKCUREG]**catroot -/- C:\WINDOWS\system32\AppCompat\catroot\catrootsz.exe
[01-HKCUREG]**cnsyshost -/- C:\windows\system32\cnhost.exe
[01-HKCUREG]**ctdata -/- C:\Users\Administrator\AppData\Local\Temp\data.exe
[01-HKCUREG]**Helpsys -/- C:\windows\system32\HelpPanl.exe
[01-HKCUREG]**metablogagent -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
[01-HKCUREG]**MetablogNewIssues -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe /byboot
[01-HKCUREG]**MicroProCon -/- C:\Users\Administrator\AppData\Roaming\MicroLab\MyEngin\Common\MicroProCon.exe -mGwnBLu
[01-HKCUREG]**MicroProProc -/- C:\Users\Administrator\AppData\Roaming\MicroLab\MyEngin\Common\MicroProProc.exe -mGwnBLu
[01-HKCUREG]**MicrowindowSearch -/- C:\WINDOWS\system32\MicrowindowSearch\MicrowindowSearch.exe
[01-HKCUREG]**mxwho -/- C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\mxwho\mxwho.exe
[01-HKCUREG]**nmnew -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\nmnewup.exe
[01-HKCUREG]**popmulticare -/- C:\ProgramData\Microsoft\popmulticare\popmulticare.exe
[01-HKCUREG]**ProcessClean -/- C:\Program Files\ProcessClean\ProcessClean.exe
[01-HKCUREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[01-HKCUREG]**rpga -/- C:\Users\Administrator\AppData\Roaming\SpeedDownload\rpgchk.exe
[01-HKCUREG]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[01-HKCUREG]**upmxwho -/- C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\mxwho\upmxwho.exe
[01-HKCUREG]**UtilZone -/- C:\Program Files\UtilZone\UtilZone.exe
[01-HKCUREG]**WindowsTab -/- C:\ProgramData\WindowsTab\windowstabup.exe
[01-HKCUREG]**windviewer -/- C:\Program Files\windviewer\windviewer.exe
[01-HKCUREG]**windvieweragent -/- C:\Program Files\windviewer\windvieweragent.exe
[01-HKCUREG]**windvieweropt -/- C:\Program Files\windviewer\windopt.exe
[01-HKCUREG]**WingGo -/- C:\Users\Administrator\AppData\Roaming\WingGo\winggou.exe UPDATE
[01-HKCUREG]**winsigntool -/- C:\Users\Administrator\AppData\Roaming\winsigntool\winst.exe update
[02-HKLMREG]**37C4833D -/- C:\windows\37C4833D\svchsot.exe
[02-HKLMREG]**9EDB3B9E -/- C:\windows\9EDB3B9E\svchsot.exe
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**Adv_TopC -/- C:\Program Files\AdvTopC\TCSearch.exe
[02-HKLMREG]**catroot -/- C:\WINDOWS\system32\AppCompat\catroot\catrootsz.exe
[02-HKLMREG]**cnsyshost -/- C:\windows\system32\cnhost.exe
[02-HKLMREG]**ctdata -/- C:\Users\Administrator\AppData\Local\Temp\data.exe
[02-HKLMREG]**Helpsys -/- C:\windows\system32\HelpPanl.exe
[02-HKLMREG]**metablogagent -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
[02-HKLMREG]**MetablogNewIssues -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe /byboot
[02-HKLMREG]**MicroProCon -/- C:\Users\Administrator\AppData\Roaming\MicroLab\MyEngin\Common\MicroProCon.exe -mGwnBLu
[02-HKLMREG]**MicroProProc -/- C:\Users\Administrator\AppData\Roaming\MicroLab\MyEngin\Common\MicroProProc.exe -mGwnBLu
[02-HKLMREG]**MicrowindowSearch -/- C:\WINDOWS\system32\MicrowindowSearch\MicrowindowSearch.exe
[02-HKLMREG]**mxwho -/- C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\mxwho\mxwho.exe
[02-HKLMREG]**nmnew -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\nmnewup.exe
[02-HKLMREG]**popmulticare -/- C:\ProgramData\Microsoft\popmulticare\popmulticare.exe
[02-HKLMREG]**ProcessClean -/- C:\Program Files\ProcessClean\ProcessClean.exe
[02-HKLMREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[02-HKLMREG]**rpga -/- C:\Users\Administrator\AppData\Roaming\SpeedDownload\rpgchk.exe
[02-HKLMREG]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[02-HKLMREG]**upmxwho -/- C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\mxwho\upmxwho.exe
[02-HKLMREG]**UtilZone -/- C:\Program Files\UtilZone\UtilZone.exe
[02-HKLMREG]**WindowsTab -/- C:\ProgramData\WindowsTab\windowstabup.exe
[02-HKLMREG]**windviewer -/- C:\Program Files\windviewer\windviewer.exe
[02-HKLMREG]**windvieweragent -/- C:\Program Files\windviewer\windvieweragent.exe
[02-HKLMREG]**windvieweropt -/- C:\Program Files\windviewer\windopt.exe
[02-HKLMREG]**WingGo -/- C:\Users\Administrator\AppData\Roaming\WingGo\winggou.exe UPDATE
[02-HKLMREG]**winsigntool -/- C:\Users\Administrator\AppData\Roaming\winsigntool\winst.exe update
[03-BHOCLSD]**{002B9765-AB24-47E6-8DB6-6A1A0CE11BC9} -/- C:\Users\Administrator\AppData\Roaming\WingGo\winggo.dll
[03-BHOCLSD]**{18DF081C-E8AD-4283-A596-FA578C2EBDC3} -/- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[03-BHOCLSD]**{19217B99-F935-4A39-B857-A68A68D5BEBB} -/- C:\Program Files\AhnLab\SiteGuard2\SGAgenti.dll
[03-BHOCLSD]**{1A64F9EC-2126-45FB-9598-7A918ADBAAB0} -/- C:\ProgramData\Microsoft\popmulticare\popmulticare_v1.dll
[03-BHOCLSD]**{2F40ECDC-6F7B-4CF3-B1D0-ED8845084912} -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\nmnewim.dll
[03-BHOCLSD]**{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -/- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
[03-BHOCLSD]**{6D53EC84-6AAE-4787-AEEE-F4628F01010C} -/- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
[03-BHOCLSD]**{7760E6D4-CC93-4495-981B-5E23919D602A} -/- C:\Program Files\NetMWin\NMHelper.dll
[03-BHOCLSD]**{AA58ED58-01DD-4d91-8333-CF10577473F7} -/- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
[03-BHOCLSD]**{CC34B3C3-3904-4D0E-8035-536715B28BBA} -/- C:\Program Files\windviewer\windviewer.dll
[04-TOOLBAR]**!{03ea5b10-2efa-4311-ac10-04427b02d663} -/- N.A
[04-TOOLBAR]**!{2318C2B1-4965-11d4-9B18-009027A5CD4F} -/- N.A
[04-TOOLBAR]**!{5402F30A-DE34-4240-A594-132217F7D52D} -/- N.A
[04-TOOLBAR]**!{D09CFF09-A42A-4EDC-9804-E61224F59CA1} -/- N.A
[04-TOOLBAR]**{003B9765-AB24-47E6-8DB6-6A1A0CE11BC9} -/- C:\Users\Administrator\AppData\Roaming\WingGo\winggo.dll
[04-TOOLBAR]**{2318C2B1-4965-11d4-9B18-009027A5CD4F} -/- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
[04-TOOLBAR]**{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -/- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
[04-TOOLBAR]**{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD} -/- C:\Program Files\Racl\RaclTB.dll
[05-SERVICE]**AdobeARMservice -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[05-SERVICE]**AppCatroots -/- C:\WINDOWS\system32\AppCompat\catroot\catroot.exe
[05-SERVICE]**ApplicationSpecialManagement -/- C:\WINDOWS\system32\WindowServiceNT.exe
[05-SERVICE]**barocn -/- C:\Program Files\barocn\barosvc.exe
[05-SERVICE]**Bondisk Update Service -/- C:\Program Files\BonDisk.com\BonDisk(normal)\BonUpdate.exe
[05-SERVICE]**cnbarod -/- C:\Program Files\cnbarod\cnbasvc.exe
[05-SERVICE]**FBDSvcman -/- C:\Users\Administrator\AppData\Roaming\SpeedDownload\FBDSvcMan.exe
[05-SERVICE]**FsUsbExService -/- C:\windows\system32\FsUsbExService.Exe
[05-SERVICE]**gupdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gusvc -/- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[05-SERVICE]**Image Protection -/- C:\windows\ImageSAFERSvc.exe
[05-SERVICE]**LMS -/- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[05-SERVICE]**Miconsoft_s -/- C:\Program Files\Miconsoft\miconsoft_s.exe
[05-SERVICE]**Microsoft Office Groove Audit Service -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[05-SERVICE]**NATService -/- C:\Program Files\NAT Service\natsvc.exe
[05-SERVICE]**Naver Updater -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[05-SERVICE]**NetAccelerator -/- C:\Program Files\BonDisk.com\Bondisk(normal)\NetAccelerator.exe
[05-SERVICE]**NIS -/- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
[05-SERVICE]**npggsvc -/- C:\windows\system32\GameMon.des -service
[05-SERVICE]**npkcmsvc -/- C:\windows\system32\npkcmsvc.exe
[05-SERVICE]**npkfxsvc -/- C:\windows\system32\npkfxsvc.exe
[05-SERVICE]**NVSvc -/- C:\windows\system32\nvvsvc.exe
[05-SERVICE]**optimaspeed -/- C:\Program Files\optimaspeed\optimaspeedsvc.exe
[05-SERVICE]**RichVideo -/- C:\Program Files\CyberLink\Shared files\RichVideo.exe
[05-SERVICE]**Samsung UPD Service -/- C:\windows\System32\SUPDSvc.exe
[05-SERVICE]**sgsvc -/- C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe
[05-SERVICE]**TCCheckAgent -/- C:\Program Files\AdvTopC\TCCheckAgent.exe
[05-SERVICE]**UNS -/- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
[05-SERVICE]**vaccineweb Update Service -/- C:\windows\infocontroluser.exe
[05-SERVICE]**windowfaster Update Service -/- C:\windows\userinforesetupdate.exe
[05-SERVICE]**Windows Wizeni Diagnostics Service -/- C:\windows\System32\wdrwzsvc.exe
[05-SERVICE]**WindowsDriver -/- C:\windows\system32\svchost.exe -/- C:\windows\system32\WindowsDriver.dll
[05-SERVICE]**Wizeni Service -/- C:\windows\System32\svcwin.exe
[05-SERVICE]**wlcrasvc -/- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
[05-SERVICE]**wlidsvc -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE