Code : 1G0AxShM2Ub4TsToSN5kX+iHUbmdpFdYyfdg2M8HZzGuvVP1f4pWJQ==

프로그램분석

Code : 1G0AxShM2Ub4TsToSN5kX+iHUbmdpFdYyfdg2M8HZzGuvVP1f4pWJQ==

프로세스 천국 2013. 6. 9. 11:47

[00-PROCESS]**AppleMobileDeviceService -/- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
[00-PROCESS]**armsvc -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[00-PROCESS]**chrome -/- C:\Program Files\Google\Chrome\Application\chrome.exe
[00-PROCESS]**DaumCleanerService -/- C:\Program Files\Daum\Cleaner\DaumCleanerService.exe
[00-PROCESS]**DaumStationService -/- C:\Program Files\Daum\DaumStation\DaumStationService.exe
[00-PROCESS]**DefaultTabSearch -/- C:\Program Files\DefaultTab\DefaultTabSearch.exe
[00-PROCESS]**DTUpdate -/- C:\Users\Administrator\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
[00-PROCESS]**FileDoumiUpgrade -/- C:\Users\Administrator\AppData\Roaming\FileDoumi\FileDoumiUpgrade.exe
[00-PROCESS]**filedoumiuphp -/- c:\Users\Administrator\appdata\roaming\filedoumi\filedoumiuphp.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**fsssvc -/- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**hkcmd -/- C:\Windows\system32\hkcmd.exe
[00-PROCESS]**hpqSRMon -/- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
[00-PROCESS]**HpqSRmon -/- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
[00-PROCESS]**hsssrv -/- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
[00-PROCESS]**HssTrayService -/- C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
[00-PROCESS]**hsswd -/- C:\Program Files\Hotspot Shield\bin\hsswd.exe
[00-PROCESS]**ImageSAFERSvc -/- C:\Windows\ImageSAFERSvc.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**InstHelper -/- C:\Program Files\ESTsoft\ALToolBar\InstHelper.exe
[00-PROCESS]**iPodService -/- C:\Program Files\iPod\bin\iPodService.exe
[00-PROCESS]**IProsetMonitor -/- C:\Windows\system32\IProsetMonitor.exe
[00-PROCESS]**isvsrv -/- C:\Program Files\ISafesvc\isvsrv.exe
[00-PROCESS]**mDNSResponder -/- C:\Program Files\Bonjour\mDNSResponder.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
[00-PROCESS]**MsMpEng -/- C:\Program Files\Microsoft Security Client\MsMpEng.exe
[00-PROCESS]**msseces -/- C:\Program Files\Microsoft Security Client\msseces.exe
[00-PROCESS]**napsvc -/- C:\Program Files\ISafesvc\napsvc.exe
[00-PROCESS]**nateon -/- c:\program files\nateon\bin\nateon.exe
[00-PROCESS]**NATEONMain -/- C:\Program Files\NATEON\BIN\NATEONMain.exe
[00-PROCESS]**netsession_win -/- C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
[00-PROCESS]**NisSrv -/- C:\Program Files\Microsoft Security Client\NisSrv.exe
[00-PROCESS]**npkcmsvc -/- C:\Windows\system32\npkcmsvc.exe
[00-PROCESS]**npkfxsvc -/- C:\Windows\system32\npkfxsvc.exe
[00-PROCESS]**nvvsvc -/- C:\Windows\system32\nvvsvc.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**Opentab -/- C:\Users\Administrator\AppData\Roaming\OpenTab\Opentab.exe
[00-PROCESS]**Opentabhper -/- C:\Users\Administrator\AppData\Roaming\Opentab\Opentabhper.exe
[00-PROCESS]**Opentabhper -/- C:\Users\Administrator\AppData\Roaming\OpenTab\Opentabhper.exe
[00-PROCESS]**opentabup -/- c:\Users\Administrator\appdata\roaming\opentab\opentabup.exe
[00-PROCESS]**openvpnas -/- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**ProcService -/- C:\Users\Administrator\Documents\ProcessClean\ProcService.exe
[00-PROCESS]**RAVCpl64 -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
[00-PROCESS]**RPGSvcMan -/- C:\Users\Administrator\AppData\Roaming\RapidGet\RPGSvcMan.exe
[00-PROCESS]**sfencertsvc -/- C:\Program Files\safe fence\sfencertsvc.exe
[00-PROCESS]**SMSvcHost -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[00-PROCESS]**SpellerSvc -/- C:\Program Files\Speller\SpellerSvc.exe
[00-PROCESS]**SsDdosSvcV -/- C:\Windows\SoftSecurity\TouchEn\Safe\AntiDDOSPro\SsDdosSvcV.exe
[00-PROCESS]**userconfigwinreset -/- C:\Windows\userconfigwinreset.exe
[00-PROCESS]**V3LSvc -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[00-PROCESS]**v3ltray -/- C:\Program Files\AhnLab\V3Lite\v3ltray.exe
[00-PROCESS]**V3LTray -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe
[00-PROCESS]**WatAdminSvc -/- C:\Windows\system32\Wat\WatAdminSvc.exe
[00-PROCESS]**wlcrasvc -/- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
[00-PROCESS]**WLIDSVC -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[01-HKCUREG]**Akamai NetSession Interface -/- C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
[01-HKCUREG]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\InstHelper.exe -boot
[01-HKCUREG]**FDoumiStart -/- C:\Users\Administrator\AppData\Roaming\FileDoumi\FileDoumiUpgrade.exe
[01-HKCUREG]**FDoumiup2Start -/- c:\Users\Administrator\appdata\roaming\filedoumi\filedoumiuphp.exe
[01-HKCUREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[01-HKCUREG]**hpqSRMon -/- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
[01-HKCUREG]**MSC -/- C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
[01-HKCUREG]**NATEON -/- c:\program files\nateon\bin\nateon.exe -as
[01-HKCUREG]**Opentab -/- C:\Users\Administrator\AppData\Roaming\OpenTab\Opentabhper.exe
[01-HKCUREG]**Opentabhper -/- C:\Users\Administrator\AppData\Roaming\Opentab\Opentabhper.exe
[01-HKCUREG]**Opentabup -/- c:\Users\Administrator\appdata\roaming\opentab\opentabup.exe
[01-HKCUREG]**ProcessClean -/- C:\Program Files\ProcessClean\ProcessClean.exe
[01-HKCUREG]**RtHDVCpl -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[01-HKCUREG]**Speller -/- C:\Program Files\Speller\SpellerSvc.exe
[02-HKLMREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[02-HKLMREG]**Akamai NetSession Interface -/- C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
[02-HKLMREG]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\InstHelper.exe -boot
[02-HKLMREG]**FDoumiStart -/- C:\Users\Administrator\AppData\Roaming\FileDoumi\FileDoumiUpgrade.exe
[02-HKLMREG]**FDoumiup2Start -/- c:\Users\Administrator\appdata\roaming\filedoumi\filedoumiuphp.exe
[02-HKLMREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[02-HKLMREG]**hpqSRMon -/- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
[02-HKLMREG]**MSC -/- C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
[02-HKLMREG]**NATEON -/- c:\program files\nateon\bin\nateon.exe -as
[02-HKLMREG]**Opentab -/- C:\Users\Administrator\AppData\Roaming\OpenTab\Opentabhper.exe
[02-HKLMREG]**Opentabhper -/- C:\Users\Administrator\AppData\Roaming\Opentab\Opentabhper.exe
[02-HKLMREG]**Opentabup -/- c:\Users\Administrator\appdata\roaming\opentab\opentabup.exe
[02-HKLMREG]**ProcessClean -/- C:\Program Files\ProcessClean\ProcessClean.exe
[02-HKLMREG]**RtHDVCpl -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[02-HKLMREG]**Speller -/- C:\Program Files\Speller\SpellerSvc.exe
[03-BHOCLSD]**ALToolbarBho -/- C:\Program Files\ESTsoft\ALToolBar\ALToolBar_3100.dll -/- {7F1A79F9-78D1-4186-9F60-EE0B63DF042A}
[03-BHOCLSD]**GretechBHO Class -/- C:\Program Files\GRETECH\GomPicker\GomPickerBHO.dll -/- {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}
[03-BHOCLSD]**Hotspot Shield Class -/- C:\Program Files\Hotspot Shield\HssIE\HssIE_64.dll -/- {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[03-BHOCLSD]**N.A -/- N.A -/- {27360831-6138-4CC5-A6CD-877981C67625}
[03-BHOCLSD]**N.A -/- N.A -/- {FFDE727F-3330-45EB-B9F9-C1668E6E08B2}
[03-BHOCLSD]**TouchEn safe Toolbar Loader x64 -/- C:\Windows\SoftSecurity\TouchEn\Safe\bin\TouchEnsafeToolbar64.dll -/- {AD65D410-9475-41eb-B0BB-4B75F2967B13}
[03-BHOCLSD]**Windows Live ID Sign-in Helper -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll -/- {9030D464-4C02-4ABF-8ECC-5164760863C6}
[03-BHOCLSD]**오픈탭 -/- C:\Users\Administrator\AppData\Roaming\OpenTab\OpenTab.dll -/- {DA742A73-CFA7-4DE2-BF28-1FC51CF214BC}
[04-TOOLBAR]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\ALToolBar_3100.dll -/- {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA}
[04-TOOLBAR]**N.A -/- N.A -/- {95080B13-AA71-4EE8-B951-7E98221E1ED5}
[04-TOOLBAR]**N.A -/- N.A -/- Locked
[04-TOOLBAR]**TouchEn safe Toolbar x64 -/- C:\Windows\SoftSecurity\TouchEn\Safe\bin\TouchEnsafeToolbar64.dll -/- {1779B635-3C29-499f-A21D-E67325A1A777}
[04-TOOLBAR]**스펠러 -/- C:\Program Files\Speller\SpellerCtrl.dll -/- {41ED1FD7-8C37-4806-AF9E-D5238A30E56F}
[05-SERVICE]**AdobeARMservice -/- Adobe Acrobat Update Service -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**Apple Mobile Device -/- Apple Mobile Device -/- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
[05-SERVICE]**Bonjour Service -/- Bonjour 서비스 -/- C:\Program Files\Bonjour\mDNSResponder.exe
[05-SERVICE]**DaumCleanerService -/- DaumCleanerService -/- C:\Program Files\Daum\Cleaner\DaumCleanerService.exe
[05-SERVICE]**DaumStationService -/- DaumStationService -/- C:\Program Files\Daum\DaumStation\DaumStationService.exe
[05-SERVICE]**DefaultTabSearch -/- DefaultTabSearch -/- C:\Program Files\DefaultTab\DefaultTabSearch.exe
[05-SERVICE]**DefaultTabUpdate -/- DefaultTabUpdate -/- C:\Users\Administrator\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
[05-SERVICE]**fsssvc -/- Windows Live Family Safety Service -/- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[05-SERVICE]**gupdate -/- Google 업데이트 서비스 (gupdate) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- Google 업데이트 서비스 (gupdatem) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**hpqcxs08 -/- hpqcxs08 -/- C:\Windows\system32\svchost.exe -/- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
[05-SERVICE]**hpqddsvc -/- HP CUE DeviceDiscovery 서비스 -/- C:\Windows\system32\svchost.exe -/- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
[05-SERVICE]**HPSLPSVC -/- HP Network Devices Support -/- C:\Windows\system32\svchost.exe -/- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC64.DLL
[05-SERVICE]**hshld -/- Hotspot Shield Service -/- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
[05-SERVICE]**HssSrv -/- Hotspot Shield Routing Service -/- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
[05-SERVICE]**HssTrayService -/- Hotspot Shield Tray Service -/- C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
[05-SERVICE]**HssWd -/- Hotspot Shield Monitoring Service -/- C:\Program Files\Hotspot Shield\bin\hsswd.exe
[05-SERVICE]**Image Protection -/- Image Protect Service -/- C:\Windows\ImageSAFERSvc.exe
[05-SERVICE]**Intel(R) PROSet Monitoring Service -/- Intel(R) PROSet Monitoring Service -/- C:\Windows\system32\IProsetMonitor.exe
[05-SERVICE]**Internet Security ISvrAuthService -/- Internet Security ISafesvr Authorization Service -/- C:\Program Files\ISafesvc\isvsrv.exe
[05-SERVICE]**iPod Service -/- iPod 서비스 -/- C:\Program Files\iPod\bin\iPodService.exe
[05-SERVICE]**lmhosts -/- TCP/IP NetBIOS Helper -/- C:\Windows\system32\svchost.exe -/- C:\Windows\System32\lltdsvc.dll
[05-SERVICE]**MsMpSvc -/- Microsoft Antimalware Service -/- C:\Program Files\Microsoft Security Client\MsMpEng.exe
[05-SERVICE]**multiboan Update Service -/- multiboan Support Service -/- C:\Windows\userconfigwinreset.exe
[05-SERVICE]**napsvc -/- Windows NAP -/- C:\Program Files\ISafesvc\napsvc.exe
[05-SERVICE]**NDrive Service -/- NDrive Service -/- C:\Program Files\Naver\NaverNDrive\NDriveSVC.exe
[05-SERVICE]**Net Driver HPZ12 -/- Net Driver HPZ12 -/- C:\Windows\System32\svchost.exe -/- C:\Windows\system32\HPZinw12.dll
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[05-SERVICE]**NisSrv -/- Microsoft 네트워크 검사 -/- C:\Program Files\Microsoft Security Client\NisSrv.exe
[05-SERVICE]**NlaSvc -/- Network Location Awareness -/- C:\Windows\System32\svchost.exe
[05-SERVICE]**NoPhishing -/- NoPhishing -/- C:\Users\Administrator\SoftRun\NoPhishing\NPNTService
[05-SERVICE]**npggsvc -/- nProtect GameGuard Service -/- C:\Windows\system32\GameMon.des -service
[05-SERVICE]**npkcmsvc -/- npkcmsvc -/- C:\Windows\system32\npkcmsvc.exe
[05-SERVICE]**npkfxsvc -/- npkfxsvc -/- C:\Windows\system32\npkfxsvc.exe
[05-SERVICE]**nPStarterSVC -/- nProtect Starter -/- C:\Windows\system32\nPStarterSVC.exe
[05-SERVICE]**nsi -/- Network Store Interface Service -/- C:\Windows\system32\svchost.exe
[05-SERVICE]**nvsvc -/- NVIDIA Display Driver Service -/- C:\Windows\system32\nvvsvc.exe
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**pdfexportsvc -/- PDF Export Service -/- C:\Windows\system32\PDFExport20.exe
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**Pml Driver HPZ12 -/- Pml Driver HPZ12 -/- C:\Windows\System32\svchost.exe -/- C:\Windows\system32\HPZipm12.dll
[05-SERVICE]**Process Clean Service -/- Process Clean Service -/- C:\Users\Administrator\Documents\ProcessClean\ProcService.exe
[05-SERVICE]**RPGSvcman -/- RPGSvcman -/- C:\Users\Administrator\AppData\Roaming\RapidGet\RPGSvcMan.exe
[05-SERVICE]**SafefenceRtSvc -/- Safe fence Realtime Agent Service -/- C:\Program Files\safe fence\sfencertsvc.exe
[05-SERVICE]**TouchEnSvc -/- TouchEnSvc -/- C:\Windows\SoftSecurity\TouchEn\Safe\AntiDDOSPro\SsDdosSvcV.exe
[05-SERVICE]**V3 Lite Service -/- V3 Lite Service -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[05-SERVICE]**Windows MineService Update Class___1.1.39.0 -/- Windows MineService Update Class (ym) -/- C:\Program Files\ModenKuc\mdkucymsvc.exe
[05-SERVICE]**wlcrasvc -/- Windows Live Mesh remote connections service -/- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
[05-SERVICE]**wlidsvc -/- Windows Live ID Sign-in Assistant -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE