Code : 25l/dVzb/QpyZfsyQEunRbeJe2M8YAeI

프로그램분석

Code : 25l/dVzb/QpyZfsyQEunRbeJe2M8YAeI

프로세스 천국 2013. 4. 13. 00:34

[00-PROCESS]**AdobeARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[00-PROCESS]**auction -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Auction\auction.exe
[00-PROCESS]**AYLaunch -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe
[00-PROCESS]**ctpop -/- C:\Program Files\ctpop\ctpop.exe
[00-PROCESS]**daemonu -/- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**FNPLicensingService -/- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**HD-Agent -/- C:\Program Files\BlueStacks\HD-Agent.exe
[00-PROCESS]**HD-BlockDevice -/- C:\Program Files\BlueStacks\HD-BlockDevice.exe
[00-PROCESS]**HD-LogRotatorService -/- C:\Program Files\BlueStacks\HD-LogRotatorService.exe
[00-PROCESS]**HD-Network -/- C:\Program Files\BlueStacks\HD-Network.exe
[00-PROCESS]**HD-Service -/- C:\Program Files\BlueStacks\HD-Service.exe
[00-PROCESS]**HD-SharedFolder -/- C:\Program Files\BlueStacks\HD-SharedFolder.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**IMKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE
[00-PROCESS]**IProtect -/- C:\Program Files\IProtect\IProtect.exe
[00-PROCESS]**IProtectUpdate -/- C:\Program Files\IProtect\IProtectUpdate.exe
[00-PROCESS]**jqs -/- C:\Program Files\Java\jre6\bin\jqs.exe
[00-PROCESS]**mDNSResponder -/- C:\Program Files\Bonjour\mDNSResponder.exe
[00-PROCESS]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[00-PROCESS]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe
[00-PROCESS]**NBService -/- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
[00-PROCESS]**NediskService -/- C:\Program Files\NeDisk\NediskService.exe
[00-PROCESS]**NetworkEditing -/- C:\Program Files\NetworkEditing\NetworkEditing.exe
[00-PROCESS]**NexonPlug -/- C:\Nexon\NexonPlug\NexonPlug.exe
[00-PROCESS]**NMIndexingService -/- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
[00-PROCESS]**nmnewmgr -/- C:\Program Files\addendum_sb\nmnewmgr.exe
[00-PROCESS]**nmnewup -/- C:\Program Files\addendum_sb\nmnewup.exe
[00-PROCESS]**npkcmsvc -/- C:\windows\system32\npkcmsvc.exe
[00-PROCESS]**npkfxsvc -/- C:\windows\system32\npkfxsvc.exe
[00-PROCESS]**nvsvc32 -/- C:\windows\system32\nvsvc32.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**RalinkRegistryWriter -/- C:\Program Files\EFM\Common\RalinkRegistryWriter.exe
[00-PROCESS]**SeaPort -/- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[00-PROCESS]**tcpsvcs -/- C:\windows\system32\tcpsvcs.exe
[00-PROCESS]**weblink -/- C:\Documents and Settings\Administrator\Application Data\iniweblink\weblink.exe
[00-PROCESS]**weblinkup -/- C:\Documents and Settings\Administrator\Application Data\iniweblink\weblinkup.exe
[00-PROCESS]**WinCloud -/- C:\Program Files\Nedisk\WinCloud.exe
[00-PROCESS]**windowstab -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstab.exe
[00-PROCESS]**windowstabup -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstabup.exe
[00-PROCESS]**winst -/- C:\Documents and Settings\Administrator\Application Data\winsigntool\winst.exe
[00-PROCESS]**WLIDSVC -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[00-PROCESS]**WLIDSvcM -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
[00-PROCESS]**WMPNetwk -/- C:\Program Files\Windows Media Player\WMPNetwk.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[01-HKCUREG]**BlueStacks Agent -/- C:\Program Files\BlueStacks\HD-Agent.exe
[01-HKCUREG]**ctdata -/- C:\Documents and Settings\Administrator\LOCALS~1\Temp\data.exe
[01-HKCUREG]**ctfmon.exe -/- C:\windows\system32\ctfmon.exe
[01-HKCUREG]**ctpop -/- C:\Program Files\ctpop\ctpop.exe
[01-HKCUREG]**iniweblink -/- C:\Documents and Settings\Administrator\Application Data\iniweblink\weblinkup.exe
[01-HKCUREG]**IProtect -/- C:\Program Files\IProtect\IProtectUpdate.exe
[01-HKCUREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[01-HKCUREG]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[01-HKCUREG]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe /byboot
[01-HKCUREG]**NetworkEditing.exe -/- C:\Program Files\NetworkEditing\NetworkEditing.exe
[01-HKCUREG]**NexonPlug -/- C:\Nexon\NexonPlug\NexonPlug.exe
[01-HKCUREG]**nmnew -/- C:\Program Files\addendum_sb\nmnewup.exe
[01-HKCUREG]**WindowsTab -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstabup.exe
[01-HKCUREG]**winsigntool -/- C:\Documents and Settings\Administrator\Application Data\winsigntool\winst.exe update
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[02-HKLMREG]**BlueStacks Agent -/- C:\Program Files\BlueStacks\HD-Agent.exe
[02-HKLMREG]**ctdata -/- C:\Documents and Settings\Administrator\LOCALS~1\Temp\data.exe
[02-HKLMREG]**ctfmon.exe -/- C:\windows\system32\ctfmon.exe
[02-HKLMREG]**ctpop -/- C:\Program Files\ctpop\ctpop.exe
[02-HKLMREG]**iniweblink -/- C:\Documents and Settings\Administrator\Application Data\iniweblink\weblinkup.exe
[02-HKLMREG]**IProtect -/- C:\Program Files\IProtect\IProtectUpdate.exe
[02-HKLMREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[02-HKLMREG]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[02-HKLMREG]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe /byboot
[02-HKLMREG]**NetworkEditing.exe -/- C:\Program Files\NetworkEditing\NetworkEditing.exe
[02-HKLMREG]**NexonPlug -/- C:\Nexon\NexonPlug\NexonPlug.exe
[02-HKLMREG]**nmnew -/- C:\Program Files\addendum_sb\nmnewup.exe
[02-HKLMREG]**WindowsTab -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstabup.exe
[02-HKLMREG]**winsigntool -/- C:\Documents and Settings\Administrator\Application Data\winsigntool\winst.exe update
[03-BHOCLSD]**{18DF081C-E8AD-4283-A596-FA578C2EBDC3} -/- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[03-BHOCLSD]**{2F40ECDC-6F7B-4CF3-B1D0-ED8845084912} -/- C:\Program Files\addendum_sb\nmnewim.dll
[03-BHOCLSD]**{5732A6EC-AA3D-45D4-829C-6A2A39FF5CFA} -/- C:\Program Files\vaccinetoolbar\vaccinetoolbar.dll
[03-BHOCLSD]**{8D26D304-3890-4ED7-9A8E-FBAC954440AE} -/- C:\windows\system32\crypt.dll
[04-TOOLBAR]**{5732A6EC-AA3D-45D4-829C-6A2A39FF5CFA} -/- C:\Program Files\vaccinetoolbar\vaccinetoolbar.dll
[05-SERVICE]**6to4 -/- C:\windows\System32\svchost.exe -/- C:\windows\system32\RrmqtrC.dll
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**ALYac_RTSrv -/- C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
[05-SERVICE]**ALYac_UpdSrv -/- C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
[05-SERVICE]**asas -/- C:\windows\System32\svchost.exe
[05-SERVICE]**Bonjour Service -/- C:\Program Files\Bonjour\mDNSResponder.exe
[05-SERVICE]**BstHdAndroidSvc -/- C:\Program Files\BlueStacks\HD-Service.exe BstHdAndroidSvc Android
[05-SERVICE]**BstHdLogRotatorSvc -/- C:\Program Files\BlueStacks\HD-LogRotatorService.exe
[05-SERVICE]**FIDownService -/- C:\Program Files\FileI\FIDownService.exe
[05-SERVICE]**FLEXnet Licensing Service -/- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[05-SERVICE]**gupdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**IGImageCodec Service -/- C:\windows\System32\svcigimg.exe
[05-SERVICE]**JavaQuickStarterService -/- C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
[05-SERVICE]**LPDSVC -/- C:\windows\system32\tcpsvcs.exe
[05-SERVICE]**napagent -/- C:\windows\System32\svchost.exe -/- C:\windows\System32\qagentrt.dll
[05-SERVICE]**NATService -/- C:\Program Files\NAT Service\natsvc.exe
[05-SERVICE]**NBService -/- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
[05-SERVICE]**NediskService -/- C:\Program Files\NeDisk\NediskService.exe
[05-SERVICE]**NetTcpPortSharing -/- C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NMIndexingService -/- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
[05-SERVICE]**npggsvc -/- C:\windows\system32\GameMon.des -service
[05-SERVICE]**npkcmsvc -/- C:\windows\system32\npkcmsvc.exe
[05-SERVICE]**npkfxsvc -/- C:\windows\system32\npkfxsvc.exe
[05-SERVICE]**NVSvc -/- C:\windows\system32\nvsvc32.exe
[05-SERVICE]**nvUpdatusService -/- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
[05-SERVICE]**odserv -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**pdsutil mgr -/- C:\Documents and Settings\Administrator\Application Data\winpdsutil\pdsutilsvc.exe
[05-SERVICE]**QuickDownload Agent -/- C:\Program Files\QuickDownloadService\qdownagent.exe
[05-SERVICE]**QuickDownload Service -/- C:\Program Files\QuickDownloadService\qdownservice.exe
[05-SERVICE]**QUploader -/- C:\Program Files\qdown.com\Qdown(fast3)\QUploadService.exe
[05-SERVICE]**RalinkRegistryWriter -/- C:\Program Files\EFM\Common\RalinkRegistryWriter.exe
[05-SERVICE]**SeaPort -/- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[05-SERVICE]**tyzrtmm3 -/- C:\Program Files\MiniMP3/minimp3_mon.exe
[05-SERVICE]**update utilprods -/- C:\Documents and Settings\Administrator\Application Data\util2prods\utilpsvc.exe
[05-SERVICE]**usprserv -/- C:\windows\System32\svchost.exe
[05-SERVICE]**VaccineToolbar Service -/- C:\Program Files\vaccinetoolbar\vaccinetoolbarsvc.exe
[05-SERVICE]**WinCloud -/- C:\Program Files\Nedisk\WinCloud.exe
[05-SERVICE]**wlidsvc -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[05-SERVICE]**WPFFontCache_v0400 -/- C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
[05-SERVICE]**xsherlock -/- C:\windows\system32\xsherlock.xem