프로그램분석

Code : PWvLEnaXZ/makGHCGHsy2qJ74hFA+YI81/BYu0MvX1F32kRNqWqaWw==

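프로세스 천국 2013. 7. 8. 11:02

(아래 목록은 점검 도구의 출력으로 보이며, 각 줄은 `[번호-분류]**이름 -/- 값` 형식이다. 값은 `-/-`로 구분된 하나 이상의 필드(실행 경로, 표시 이름, CLSID 등)로 이루어져 있다.)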

[00-PROCESS]**BTray -/- C:\Windows\system32\BTray.exe
[00-PROCESS]**C2Setup -/- C:\WINDOWS\C2Setup.exe
[00-PROCESS]**conditionuserinfo -/- C:\WINDOWS\conditionuserinfo.exe
[00-PROCESS]**daemonu -/- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
[00-PROCESS]**FGSVC32 -/- C:\Program Files\freegu\FGSVC32.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**Hwp -/- C:\HNC\Hwp70\Hwp.exe
[00-PROCESS]**IEXPLORE -/- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**ispex -/- C:\Program Files\ISPSvc\ispex.exe
[00-PROCESS]**ispmgr -/- C:\Program Files\ISPSvc\ispmgr.exe
[00-PROCESS]**ispnk -/- C:\Program Files\ISPSvc\ispnk.exe
[00-PROCESS]**jqs -/- C:\Program Files\Java\jre6\bin\jqs.exe
[00-PROCESS]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[00-PROCESS]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe
[00-PROCESS]**napctr -/- C:\Program Files\ISPSvc\napctr.exe
[00-PROCESS]**natsvc -/- C:\Program Files\NAT Service\natsvc.exe
[00-PROCESS]**NBJ -/- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
[00-PROCESS]**npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[00-PROCESS]**nvsvc32 -/- C:\WINDOWS\system32\nvsvc32.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**PeiheXin -/- C:\WINDOWS\system32\PeiheXin.exe
[00-PROCESS]**RtlExUpd16 -/- C:\WINDOWS\RtlExUpd16.exe
[00-PROCESS]**sibarmgr -/- C:\Program Files\addendum_sb\sibarmgr.exe
[00-PROCESS]**sibarup -/- C:\Program Files\addendum_sb\sibarup.exe
[00-PROCESS]**SMSvcHost -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
[00-PROCESS]**SpellerSvc -/- C:\Program Files\Speller\SpellerSvc.exe
[00-PROCESS]**tamguard -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\tamguard.exe
[00-PROCESS]**TAMUpdate -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\TAMUpdate.exe
[00-PROCESS]**TheAm -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\TheAm.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**uphclean -/- C:\Program Files\UPHClean\uphclean.exe
[00-PROCESS]**wcbdps -/- C:\WINDOWS\system32\wcbdps.exe
[00-PROCESS]**win_aplussvc -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows aplus\win_aplussvc.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[00-PROCESS]**ysuuwjhxen -/- C:\Documents and Settings\Administrator\Local Settings\Temp\ysuuwjhxen.exe
[01-HKCUREG]**496C9BF9 -/- C:\WINDOWS\496C9BF9\svchsot.exe
[01-HKCUREG]**640EAB2B -/- C:\WINDOWS\640EAB2B\svchsot.exe
[01-HKCUREG]**9FC45FE9 -/- C:\WINDOWS\9FC45FE9\svchsot.exe
[01-HKCUREG]**BTray -/- C:\Windows\system32\BTray.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**FullUtilService -/- C:\Program Files\FullUtil\FullUtilService.exe run
[01-HKCUREG]**guardtam -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\tamguard.exe
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**ISPSvcStart -/- C:\Program Files\ISPSvc\ispmgr.exe
[01-HKCUREG]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[01-HKCUREG]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe /byboot
[01-HKCUREG]**NBJ -/- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
[01-HKCUREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[01-HKCUREG]**PeiheXin -/- C:\WINDOWS\system32\PeiheXin.exe
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**RtlExUpd16 -/- C:\WINDOWS\RtlExUpd16.exe
[01-HKCUREG]**sibar -/- C:\Program Files\addendum_sb\sibarup.exe
[01-HKCUREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[01-HKCUREG]**Speller -/- C:\Program Files\Speller\SpellerSvc.exe
[01-HKCUREG]**tamgrd -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\TheAm.exe
[01-HKCUREG]**TheAM -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\TAMUpdate.exe
[02-HKLMREG]**496C9BF9 -/- C:\WINDOWS\496C9BF9\svchsot.exe
[02-HKLMREG]**640EAB2B -/- C:\WINDOWS\640EAB2B\svchsot.exe
[02-HKLMREG]**9FC45FE9 -/- C:\WINDOWS\9FC45FE9\svchsot.exe
[02-HKLMREG]**BTray -/- C:\Windows\system32\BTray.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**FullUtilService -/- C:\Program Files\FullUtil\FullUtilService.exe run
[02-HKLMREG]**guardtam -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\tamguard.exe
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**ISPSvcStart -/- C:\Program Files\ISPSvc\ispmgr.exe
[02-HKLMREG]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[02-HKLMREG]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe /byboot
[02-HKLMREG]**NBJ -/- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
[02-HKLMREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[02-HKLMREG]**PeiheXin -/- C:\WINDOWS\system32\PeiheXin.exe
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**RtlExUpd16 -/- C:\WINDOWS\RtlExUpd16.exe
[02-HKLMREG]**sibar -/- C:\Program Files\addendum_sb\sibarup.exe
[02-HKLMREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[02-HKLMREG]**Speller -/- C:\Program Files\Speller\SpellerSvc.exe
[02-HKLMREG]**tamgrd -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\TheAm.exe
[02-HKLMREG]**TheAM -/- C:\Documents and Settings\Administrator\Application Data\theam\common\bin\TAMUpdate.exe
[03-BHOCLSD]**IESMon.Mon10 -/- C:\Program Files\addendum_sb\sibarim.dll -/- {36D35550-682F-4083-8E7D-1DC8708F80F8}
[03-BHOCLSD]**Java(tm) Plug-In 2 SSV Helper -/- C:\Program Files\Java\jre6\bin\jp2ssv.dll -/- {DBC80044-A445-435b-BC74-9C25C1C588A9}
[03-BHOCLSD]**Java(tm) Plug-In SSV Helper -/- C:\Program Files\Java\jre6\bin\ssv.dll -/- {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
[03-BHOCLSD]**JQSIEStartDetectorImpl Class -/- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll -/- {E7E6F031-17CE-4C07-BC86-EABFE594F69C}
[03-BHOCLSD]**N.A -/- N.A -/- {354569A1-F753-4F90-B993-6CE219F55595}
[03-BHOCLSD]**N.A -/- N.A -/- {80783E2F-7044-406B-8D1D-6F30639EBC2F}
[03-BHOCLSD]**N.A -/- N.A -/- {C3D0EC98-F75D-4F36-A1A0-87DCA5E47581}
[04-TOOLBAR]**N.A -/- N.A -/- Locked
[04-TOOLBAR]**SimilarSites -/- C:\Program Files\SimilarSites\similarsites.dll -/- {FE69C007-C452-4d3e-86D2-1730DF8BC871}
[04-TOOLBAR]**스펠러 -/- C:\Program Files\Speller\SpellerCtrl.dll -/- {41ED1FD7-8C37-4806-AF9E-D5238A30E56F}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**aspnet_statea -/- ASP.NET Stata Services -/- C:\WINDOWS\system32\wcbdps.exe
[05-SERVICE]**aspnet_statesuep -/- ASP.NET State Servicesbga Transaction Coordinator Service -/- C:\Documents and Settings\Administrator\LOCALS~1\Temp\ysuuwjhxen.exe
[05-SERVICE]**FGSVC32 -/- freeguService32 -/- C:\Program Files\freegu\FGSVC32.exe
[05-SERVICE]**highspeed Update Service -/- highspeed Support Service -/- C:\WINDOWS\conditionuserinfo.exe
[05-SERVICE]**Irmon -/- Infrared Monitor -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\System32\irmon.dll
[05-SERVICE]**JavaQuickStarterService -/- Java Quick Starter -/- C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**NATService -/- NATService -/- C:\Program Files\NAT Service\natsvc.exe
[05-SERVICE]**npkcmsvc -/- npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[05-SERVICE]**NVSvc -/- NVIDIA Driver Helper Service -/- C:\WINDOWS\system32\nvsvc32.exe
[05-SERVICE]**nvUpdatusService -/- NVIDIA Update Service Daemon -/- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**UPHClean -/- User Profile Hive Cleanup -/- C:\Program Files\UPHClean\uphclean.exe
[05-SERVICE]**Windows aplus -/- Windows aplus -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows aplus\win_aplussvc.exe