Code : 5pZmq8hr7xXQlhIYsMUR5H63/Ix4Gyit

프로그램분석

Code : 5pZmq8hr7xXQlhIYsMUR5H63/Ix4Gyit

프로세스 천국 2013. 4. 15. 21:28

[00-PROCESS]**Adobelmsvc -/- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
[00-PROCESS]**Ati2evxx -/- C:\WINDOWS\system32\Ati2evxx.exe
[00-PROCESS]**AvastEmUpdate -/- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[00-PROCESS]**AvastSvc -/- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
[00-PROCESS]**avastUI -/- C:\Program Files\AVAST Software\Avast\avastUI.exe
[00-PROCESS]**avastUI -/- C:\Program Files\AVAST Software\Avast\avastUI.exe
[00-PROCESS]**CrazyRemote -/- C:\Program Files\CrazyRemote\CrazyRemote.exe
[00-PROCESS]**CrazyRemoteCommand -/- C:\Program Files\CrazyRemote\CrazyRemoteCommand.exe
[00-PROCESS]**CrazyRemoteServer -/- C:\Program Files\CrazyRemote\CrazyRemoteServer.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**FNPLicensingService -/- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[00-PROCESS]**GoogleUpdate -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[00-PROCESS]**hpqwmiex -/- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
[00-PROCESS]**IEXPLORE -/- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[00-PROCESS]**ImageSAFERSvc -/- C:\WINDOWS\ImageSAFERSvc.exe
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**IMKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE
[00-PROCESS]**NDriveSVC -/- C:\Program Files\Naver\NaverNDrive\NDriveSVC.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**RPGSvcMan -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
[00-PROCESS]**sfenceagt -/- C:\Program Files\safe fence\sfenceagt.exe
[00-PROCESS]**sfencefw -/- C:\Program Files\safe fence\sfencefw.exe
[00-PROCESS]**SMAgent -/- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
[00-PROCESS]**SmartSwitch -/- C:\Program Files\Grid Switch\SmartSwitch.exe
[00-PROCESS]**Smax4 -/- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**WinHdrt32 -/- C:\WINDOWS\system32\WinHdrt32.exe
[00-PROCESS]**WMPNetwk -/- C:\Program Files\Windows Media Player\WMPNetwk.exe
[00-PROCESS]**wscntfy -/- C:\WINDOWS\system32\wscntfy.exe
[01-HKCUREG]**avast -/- C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui
[01-HKCUREG]**CrazyRemote -/- C:\Program Files\CrazyRemote\CrazyRemote.exe
[01-HKCUREG]**CrazyRemoteCommand -/- C:\Program Files\CrazyRemote\CrazyRemoteCommand.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**safefence firewall -/- C:\Program Files\safe fence\sfencefw.exe startup
[01-HKCUREG]**safefence_realtime_agent -/- C:\Program Files\safe fence\sfenceagt.exe
[01-HKCUREG]**SoundMAX -/- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
[02-HKLMREG]**avast -/- C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui
[02-HKLMREG]**CrazyRemote -/- C:\Program Files\CrazyRemote\CrazyRemote.exe
[02-HKLMREG]**CrazyRemoteCommand -/- C:\Program Files\CrazyRemote\CrazyRemoteCommand.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**safefence firewall -/- C:\Program Files\safe fence\sfencefw.exe startup
[02-HKLMREG]**safefence_realtime_agent -/- C:\Program Files\safe fence\sfenceagt.exe
[02-HKLMREG]**SoundMAX -/- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
[05-SERVICE]**Adobe LM Service -/- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**Ati HotKey Poller -/- C:\WINDOWS\system32\Ati2evxx.exe
[05-SERVICE]**avast! Antivirus -/- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
[05-SERVICE]**CrazyRemoteServer -/- C:\Program Files\CrazyRemote\CrazyRemoteServer.exe
[05-SERVICE]**FLEXnet Licensing Service -/- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[05-SERVICE]**hpqwmiex -/- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
[05-SERVICE]**Image Protection -/- C:\WINDOWS\ImageSAFERSvc.exe
[05-SERVICE]**napagent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**NDrive Service -/- C:\Program Files\Naver\NaverNDrive\NDriveSVC.exe
[05-SERVICE]**odserv -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**phqghumeay -/- C:\WINDOWS\system32\xkjtks.exe
[05-SERVICE]**RPGSvcman -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
[05-SERVICE]**SmartSwitch -/- C:\Program Files\Grid Switch\SmartSwitch.exe
[05-SERVICE]**SoundMAX Agent Service (default) -/- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
[05-SERVICE]**stmwcysyyc -/- C:\WINDOWS\system32\lcnpqs.exe
[05-SERVICE]**TCCheckAgent -/- C:\Program Files\AdvTopC\TCCheckAgent.exe
[05-SERVICE]**WinHhmix32 -/- C:\WINDOWS\system32\WinHdrt32.exe
[05-SERVICE]**WLTRYSVC -/- C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe
[05-SERVICE]**Yontoo Desktop Updater -/- C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Documents and Settings\Administrator\Application Data\Yontoo\YontooDesktop.exe