Program Analysis

Process Heaven 2013. 5. 31. 21:21

[00-PROCESS]**aspnet_state -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
[00-PROCESS]**ccApp -/- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[00-PROCESS]**ccSvcHst -/- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
[00-PROCESS]**DFSRs -/- C:\Windows\system32\DFSRs.exe
[00-PROCESS]**dfssvc -/- C:\Windows\system32\dfssvc.exe
[00-PROCESS]**dns -/- C:\Windows\system32\dns.exe
[00-PROCESS]**GoogleUpdate -/- C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
[00-PROCESS]**gserver -/- C:\Program Files\Windows NT\gserver.exe
[00-PROCESS]**iashost -/- C:\Windows\system32\iashost.exe
[00-PROCESS]**IBMWASR -/- C:\Windows\system32\IBMWASR.EXE
[00-PROCESS]**inetinfo -/- C:\Windows\system32\inetsrv\inetinfo.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**ismserv -/- C:\Windows\System32\ismserv.exe
[00-PROCESS]**ksbinstaller_s_66_53586 -/- C:\WINDOWS\web\ksbinstaller_s_66_53586.exe
[00-PROCESS]**LogonUI -/- C:\Windows\system32\LogonUI.exe
[00-PROCESS]**LUCOMS~1 -/- C:\Program Files\Symantec\LiveUpdate\LUCOMS~1.EXE
[00-PROCESS]**Microsoft.ActiveDirectory.WebServices -/- C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
[00-PROCESS]**MsDtsSrvr -/- C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
[00-PROCESS]**msmdsrv -/- C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
[00-PROCESS]**nfsclnt -/- C:\Windows\system32\nfsclnt.exe
[00-PROCESS]**nfssvc -/- C:\Windows\system32\nfssvc.exe
[00-PROCESS]**ntfrs -/- C:\Windows\system32\ntfrs.exe
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**OSPPSVC -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**ProtectionUtilSurrogate -/- C:\Program Files\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
[00-PROCESS]**rdpclip -/- C:\Windows\System32\rdpclip.exe
[00-PROCESS]**rqs -/- C:\Windows\system32\rqs.exe
[00-PROCESS]**RSoPProv -/- C:\Windows\system32\RSoPProv.exe
[00-PROCESS]**Rtvscan -/- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
[00-PROCESS]**SavUI -/- C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe
[00-PROCESS]**smbhash -/- C:\Windows\System32\smbhash.exe
[00-PROCESS]**Smc -/- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
[00-PROCESS]**SmcGui -/- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
[00-PROCESS]**SMSvcHost -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[00-PROCESS]**SNAC64 -/- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC64.EXE
[00-PROCESS]**sqladhlp90 -/- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
[00-PROCESS]**SQLAGENT90 -/- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
[00-PROCESS]**sqlbrowser -/- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
[00-PROCESS]**sqlservr -/- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
[00-PROCESS]**sqlwriter -/- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
[00-PROCESS]**srmhost -/- C:\Windows\system32\srmhost.exe
[00-PROCESS]**svchost -/- C:\Users\Administrator\Pictures\svchost.exe
[00-PROCESS]**SymCorpUI -/- C:\Program Files\Symantec\Symantec Endpoint Protection\SymCorpUI.exe
[00-PROCESS]**vmms -/- C:\Windows\system32\vmms.exe
[00-PROCESS]**w3wp -/- c:\windows\system32\inetsrv\w3wp.exe
[00-PROCESS]**wins -/- C:\Windows\System32\wins.exe
[01-HKCUREG]**360xxd -/- C:\WINDOWS\web\ksbinstaller_s_66_53586.exe
[01-HKCUREG]**baidu56g -/- C:\WINDOWS\web\ksbinstaller_s_66_53586.exe
[01-HKCUREG]**ccApp -/- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[01-HKCUREG]**Google Update -/- C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe /c
[01-HKCUREG]**gserver -/- C:\Program Files\Windows NT\gserver.exe
[01-HKCUREG]**QLogicSaveSystemInfo -/- rundll32.exe qlco1009.dllQLSaveSystemInfo
[01-HKCUREG]**WJNews_2013523 -/- C:\Program Files\Wuji\2013523\WJNews.exe -mini
[01-HKCUREG]**WujiPlayer_2013523 -/- C:\Program Files\Wuji\2013523\WujiPlayer.exe -mini
[02-HKLMREG]**360xxd -/- C:\WINDOWS\web\ksbinstaller_s_66_53586.exe
[02-HKLMREG]**baidu56g -/- C:\WINDOWS\web\ksbinstaller_s_66_53586.exe
[02-HKLMREG]**ccApp -/- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[02-HKLMREG]**Google Update -/- C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe /c
[02-HKLMREG]**gserver -/- C:\Program Files\Windows NT\gserver.exe
[02-HKLMREG]**QLogicSaveSystemInfo -/- rundll32.exe qlco1009.dllQLSaveSystemInfo
[02-HKLMREG]**WJNews_2013523 -/- C:\Program Files\Wuji\2013523\WJNews.exe -mini
[02-HKLMREG]**WujiPlayer_2013523 -/- C:\Program Files\Wuji\2013523\WujiPlayer.exe -mini
[03-BHOCLSD]**风行视频播放及下载组件 -/- C:\Users\Administrator\funshion\funshiontools\FunshionHelper.dll -/- {4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA}
[03-BHOCLSD]**Office Document Cache Handler -/- C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL -/- {B4F3A835-0E21-4959-BA22-42B3008E02FF}
[03-BHOCLSD]**Office Document Cache Handler -/- C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL -/- {B4F3A835-0E21-4959-BA22-42B3008E02FF}
[05-SERVICE]**ADWS -/- Active Directory Web Services -/- C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
[05-SERVICE]**AppHostSvc -/- Application Host Helper Service -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\inetsrv\apphostsvc.dll
[05-SERVICE]**aspnet_state -/- ASP.NET State Service -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
[05-SERVICE]**ccEvtMgr -/- Symantec Event Manager -/- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
[05-SERVICE]**ccSetMgr -/- Symantec Settings Manager -/- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
[05-SERVICE]**Dfs -/- DFS Namespace -/- C:\Windows\system32\dfssvc.exe
[05-SERVICE]**DFSR -/- DFS Replication -/- C:\Windows\system32\DFSRs.exe
[05-SERVICE]**DHCPServer -/- DHCP Server -/- C:\Windows\system32\svchost.exe -/- C:\Windows\System32\dhcpssvc.dll
[05-SERVICE]**DNS -/- DNS Server -/- C:\Windows\system32\dns.exe
[05-SERVICE]**FCRegSvc -/- Microsoft Fibre Channel Platform Registration Service -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\FCRegSvc.dll
[05-SERVICE]**FontCache -/- Windows Font Cache Service -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\FntCache.dll
[05-SERVICE]**FunshionSvr -/- FSServicePlatform -/- C:\Windows\System32\svchost.exe -/- C:\Users\Administrator\funshion\funshiontools\FunshionSvr.dll
[05-SERVICE]**IAS -/- Network Policy Server -/- C:\Windows\System32\svchost.exe -/- C:\Windows\System32\ias.dll
[05-SERVICE]**ibmwasr -/- IBM Automatic Server Restart Service for IPMI -/- C:\Windows\system32\IBMWASR.EXE -255
[05-SERVICE]**IISADMIN -/- IIS Admin Service -/- C:\Windows\system32\inetsrv\inetinfo.exe
[05-SERVICE]**IsmServ -/- Intersite Messaging -/- C:\Windows\System32\ismserv.exe
[05-SERVICE]**kdc -/- Kerberos Key Distribution Center -/- C:\Windows\System32\lsass.exe
[05-SERVICE]**LiveUpdate -/- LiveUpdate -/- C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
[05-SERVICE]**MsDtsServer -/- SQL Server Integration Services -/- C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
[05-SERVICE]**msftesql -/- SQL Server FullText Search (MSSQLSERVER) -/- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe -s:MSSQL.1 -f:MSSQLSERVER
[05-SERVICE]**MSSQLSERVER -/- SQL Server (MSSQLSERVER) -/- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER
[05-SERVICE]**MSSQLServerADHelper -/- SQL Server Active Directory Helper -/- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
[05-SERVICE]**MSSQLServerOLAPService -/- SQL Server Analysis Services (MSSQLSERVER) -/- C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe -s C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\Config
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[05-SERVICE]**NfsClnt -/- Client for NFS -/- C:\Windows\system32\nfsclnt.exe
[05-SERVICE]**NfsService -/- Server for NFS -/- C:\Windows\system32\nfssvc.exe
[05-SERVICE]**NTDS -/- Active Directory Domain Services -/- C:\Windows\System32\lsass.exe
[05-SERVICE]**NtFrs -/- File Replication -/- C:\Windows\system32\ntfrs.exe
[05-SERVICE]**nvspwmi -/- Hyper-V Networking Management Service -/- C:\Windows\system32\svchost -k nvspwmi -/- C:\Windows\system32\nvspwmi.dll
[05-SERVICE]**ose -/- Office  Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**osppsvc -/- Office Software Protection Platform -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**Print Device Synchronization -/- Print Device Synchronization -/- C:\Users\Administrator\Pictures\svchost.exe
[05-SERVICE]**rqs -/- Remote Access Quarantine Agent -/- C:\Windows\system32\rqs.exe
[05-SERVICE]**RSoPProv -/- Resultant Set of Policy Provider -/- C:\Windows\system32\RSoPProv.exe
[05-SERVICE]**sacsvr -/- Special Administration Console Helper -/- C:\Windows\System32\svchost.exe -/- C:\Windows\system32\sacsvr.dll
[05-SERVICE]**SmbHash -/- SMB Hash Generation Service -/- C:\Windows\System32\smbhash.exe
[05-SERVICE]**SmcService -/- Symantec Management Client -/- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
[05-SERVICE]**SNAC -/- Symantec Network Access Control -/- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC64.EXE
[05-SERVICE]**SQLBrowser -/- SQL Server Browser -/- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
[05-SERVICE]**SQLSERVERAGENT -/- SQL Server Agent (MSSQLSERVER) -/- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE -i MSSQLSERVER
[05-SERVICE]**SQLWriter -/- SQL Server VSS Writer -/- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
[05-SERVICE]**SrmReports -/- File Server Storage Reports Manager -/- C:\Windows\system32\srmhost.exe
[05-SERVICE]**SrmSvc -/- File Server Resource Manager -/- C:\Windows\system32\svchost -k srmsvcs -/- C:\Windows\system32\srmsvc.dll
[05-SERVICE]**Symantec AntiVirus -/- Symantec Endpoint Protection -/- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
[05-SERVICE]**TapiSrv -/- Telephony -/- C:\Windows\System32\svchost.exe -/- C:\Windows\System32\tapisrv.dll
[05-SERVICE]**TermService -/- Remote Desktop Services -/- C:\Windows\System32\svchost.exe -/- C:\Windows\System32\termsrv.dll
[05-SERVICE]**vhdsvc -/- Hyper-V Image Management Service -/- C:\Windows\system32\svchost -k virtsvcs -/- C:\Windows\system32\vhdsvc.dll
[05-SERVICE]**vmms -/- Hyper-V Virtual Machine Management -/- C:\Windows\system32\vmms.exe
[05-SERVICE]**W3SVC -/- World Wide Web Publishing Service -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\inetsrv\iisw3adm.dll
[05-SERVICE]**WAS -/- Windows Process Activation Service -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\inetsrv\iisw3adm.dll
[05-SERVICE]**WINS -/- WINS -/- C:\Windows\System32\wins.exe