Code : MVDJIor+NU/EQ7lWa83VW2Xz8z+NFuwKAfRQNAJNj5A=

프로그램분석

Code : MVDJIor+NU/EQ7lWa83VW2Xz8z+NFuwKAfRQNAJNj5A=

프로세스 천국 2013. 6. 15. 10:35

[00-PROCESS]**AdobeARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[00-PROCESS]**appis -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\appis.exe
[00-PROCESS]**Ati2evxx -/- C:\WINDOWS\system32\Ati2evxx.exe
[00-PROCESS]**cmd -/- C:\WINDOWS\system32\cmd.exe
[00-PROCESS]**e_signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\e_signkey.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**GuardConvert -/- C:\Documents and Settings\Administrator\Application Data\GuardSupport\GuardConvert.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**IMKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE
[00-PROCESS]**ismsvc -/- C:\Program Files\Windows ISM\ismsvc.exe
[00-PROCESS]**MicroProCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe
[00-PROCESS]**MicroProProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe
[00-PROCESS]**msfeedssync -/- C:\WINDOWS\system32\msfeedssync.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**phanim -/- C:\Documents and Settings\Administrator\Application Data\wingphanim\phanim.exe
[00-PROCESS]**phanims -/- C:\Documents and Settings\Administrator\Application Data\wingphanim\phanims.exe
[00-PROCESS]**QTTask -/- C:\Program Files\QuickTime\QTTask.exe
[00-PROCESS]**RaclSvc -/- C:\Program Files\Racl\RaclSvc.exe
[00-PROCESS]**Reader_sl -/- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
[00-PROCESS]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[00-PROCESS]**SpellerSvc -/- C:\Program Files\Speller\SpellerSvc.exe
[00-PROCESS]**svcwsmwin -/- C:\WINDOWS\System32\svcwsmwin.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**tooltip -/- C:\Program Files\tooltip\tooltip.exe
[00-PROCESS]**tooltip_mon -/- C:\Program Files\tooltip\tooltip_mon.exe
[00-PROCESS]**tooltip_uc -/- C:\Program Files\tooltip\tooltip_uc.exe
[00-PROCESS]**update -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\update.exe
[00-PROCESS]**V3LSvc -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[00-PROCESS]**V3LTray -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe
[00-PROCESS]**wdrwsmsvc -/- C:\WINDOWS\System32\wdrwsmsvc.exe
[00-PROCESS]**windowsphup -/- C:\Documents and Settings\Administrator\Application Data\WindowsPurchaseHelper\windowsphup.exe
[00-PROCESS]**windowstab_mon -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\windowstab\windowstab_mon.exe
[00-PROCESS]**winmax -/- C:\Documents and Settings\Administrator\Application Data\wingphanim\winmax.exe
[00-PROCESS]**winsmex -/- C:\Program Files\WinsManager\winsmex.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**Adobe Reader Speed Launcher -/- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
[01-HKCUREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[01-HKCUREG]**appis.exe -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\appis.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**FindLock -/- C:\Documents and Settings\Administrator\Application Data\FindLock\fnlag.exe
[01-HKCUREG]**GuardSupport -/- C:\Documents and Settings\Administrator\Application Data\GuardSupport\GuardConvert.exe -lGwnBLu
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**ISZone -/- C:\Program Files\ISZone\ISZoneUpdate.exe
[01-HKCUREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[01-HKCUREG]**Kp -/- C:\Program Files\kpupdate\kpupdate.exe
[01-HKCUREG]**MicroLabCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -zTKAOZH
[01-HKCUREG]**MicroLabProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -zTKAOZH
[01-HKCUREG]**MicroProCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -lGwnBLu
[01-HKCUREG]**MicroProProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -lGwnBLu
[01-HKCUREG]**nextray -/- C:\Program Files\nextray\nextray.exe
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**primead.exe -/- C:\Program Files\primead\primead.exe
[01-HKCUREG]**QuickTime Task -/- C:\Program Files\QuickTime\QTTask.exe -atboottime
[01-HKCUREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[01-HKCUREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[01-HKCUREG]**Speller -/- C:\Program Files\Speller\SpellerSvc.exe
[01-HKCUREG]**STool -/- C:\Program Files\STool\STool.exe
[01-HKCUREG]**TOOLTIP_UC -/- C:\Program Files\tooltip\tooltip_uc.exe /run
[01-HKCUREG]**TopTool -/- C:\Program Files\TopTool\TopTool.exe
[01-HKCUREG]**TopUtilService -/- C:\Program Files\TopUtil\TopUtilService.exe run
[01-HKCUREG]**update.exe -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\update.exe
[01-HKCUREG]**WindowsPurchaseHelper -/- C:\Documents and Settings\Administrator\Application Data\WindowsPurchaseHelper\windowsphup.exe
[01-HKCUREG]**winhelp.exe -/- C:\Program Files\winhelp\winhelp.exe
[01-HKCUREG]**winmax -/- C:\Documents and Settings\Administrator\Application Data\wingphanim\winmax.exe
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**Adobe Reader Speed Launcher -/- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
[02-HKLMREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[02-HKLMREG]**appis.exe -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\appis.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**FindLock -/- C:\Documents and Settings\Administrator\Application Data\FindLock\fnlag.exe
[02-HKLMREG]**GuardSupport -/- C:\Documents and Settings\Administrator\Application Data\GuardSupport\GuardConvert.exe -lGwnBLu
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**ISZone -/- C:\Program Files\ISZone\ISZoneUpdate.exe
[02-HKLMREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[02-HKLMREG]**Kp -/- C:\Program Files\kpupdate\kpupdate.exe
[02-HKLMREG]**MicroLabCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -zTKAOZH
[02-HKLMREG]**MicroLabProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -zTKAOZH
[02-HKLMREG]**MicroProCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -lGwnBLu
[02-HKLMREG]**MicroProProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -lGwnBLu
[02-HKLMREG]**nextray -/- C:\Program Files\nextray\nextray.exe
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**primead.exe -/- C:\Program Files\primead\primead.exe
[02-HKLMREG]**QuickTime Task -/- C:\Program Files\QuickTime\QTTask.exe -atboottime
[02-HKLMREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[02-HKLMREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[02-HKLMREG]**Speller -/- C:\Program Files\Speller\SpellerSvc.exe
[02-HKLMREG]**STool -/- C:\Program Files\STool\STool.exe
[02-HKLMREG]**TOOLTIP_UC -/- C:\Program Files\tooltip\tooltip_uc.exe /run
[02-HKLMREG]**TopTool -/- C:\Program Files\TopTool\TopTool.exe
[02-HKLMREG]**TopUtilService -/- C:\Program Files\TopUtil\TopUtilService.exe run
[02-HKLMREG]**update.exe -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\update.exe
[02-HKLMREG]**WindowsPurchaseHelper -/- C:\Documents and Settings\Administrator\Application Data\WindowsPurchaseHelper\windowsphup.exe
[02-HKLMREG]**winhelp.exe -/- C:\Program Files\winhelp\winhelp.exe
[02-HKLMREG]**winmax -/- C:\Documents and Settings\Administrator\Application Data\wingphanim\winmax.exe
[03-BHOCLSD]**Adobe PDF Link Helper -/- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll -/- {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
[03-BHOCLSD]**N.A -/- N.A -/- {80783E2F-7044-406B-8D1D-6F30639EBC2F}
[03-BHOCLSD]**winAPUMHelper Class -/- C:\Program Files\winAPUM\winAPUM.dll -/- {48B6053A-F6EC-4A30-AF7D-1F174DE8ABE1}
[04-TOOLBAR]**스펠러 -/- C:\Program Files\Speller\SpellerCtrl.dll -/- {41ED1FD7-8C37-4806-AF9E-D5238A30E56F}
[04-TOOLBAR]**잠김영역복사 -/- C:\Program Files\Racl\RaclTB.dll -/- {BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**asppripo -/- asppripo -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\asppripo\asppripo.dll
[05-SERVICE]**Ati HotKey Poller -/- Ati HotKey Poller -/- C:\WINDOWS\system32\Ati2evxx.exe
[05-SERVICE]**ijovcajf -/- ijovcajf -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\ijovcajf\ijovcajf.dll
[05-SERVICE]**ismsvc -/- Windows ISM -/- C:\Program Files\Windows ISM\ismsvc.exe
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**phanim -/- Microsoft AD WS -/- C:\Documents and Settings\Administrator\Application Data\wingphanim\phanims.exe
[05-SERVICE]**rzuvxpop -/- Tooltip Manager -/- C:\Program Files\tooltip\tooltip_mon.exe
[05-SERVICE]**V3 Lite Service -/- V3 Lite Service -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[05-SERVICE]**Windows WinsManager Diagnostics Service -/- Windows WinsManager Diagnostics Service -/- C:\WINDOWS\System32\wdrwsmsvc.exe
[05-SERVICE]**WindowsDriver -/- WindowsDriver -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\WindowsDriver.dll
[05-SERVICE]**windowstab_mon -/- Windows Tab Manager -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\windowstab\windowstab_mon.exe
[05-SERVICE]**WinsManager Service -/- WinsManager Service -/- C:\WINDOWS\System32\svcwsmwin.exe