Code : 38xZAD8l4m8q8VJCag+ilzwhX1/FLoRmUbbf2ISfYQY=

프로그램분석

Code : 38xZAD8l4m8q8VJCag+ilzwhX1/FLoRmUbbf2ISfYQY=

프로세스 천국 2013. 7. 30. 12:01

[00-PROCESS]**alg -/- C:\Windows\System32\alg.exe
[00-PROCESS]**boanfile -/- C:\Program Files\boanfile\boanfile.exe
[00-PROCESS]**boanfilecnt -/- C:\Users\Administrator\AppData\Roaming\boanfile\boanfilecnt.exe
[00-PROCESS]**boanfilemon -/- C:\Program Files\boanfile\boanfilemon.exe
[00-PROCESS]**boanfilesvc -/- C:\Program Files\boanfile\boanfilesvc.exe
[00-PROCESS]**csrss -/- C:\Windows\system32\csrss.exe
[00-PROCESS]**dllhost -/- C:\Windows\system32\dllhost.exe
[00-PROCESS]**Dwm -/- C:\Windows\system32\Dwm.exe
[00-PROCESS]**e_signkey -/- C:\Users\Administrator\AppData\Local\signkey\e_signkey.exe
[00-PROCESS]**ehRecvr -/- C:\Windows\ehome\ehRecvr.exe
[00-PROCESS]**ehsched -/- C:\Windows\ehome\ehsched.exe
[00-PROCESS]**enumerate_gtu -/- C:\Program Files\enumerate\gt\enumerate_gtu.exe
[00-PROCESS]**enumst -/- C:\Program Files\enumerate\gt\enumst.exe
[00-PROCESS]**Explorer -/- C:\Windows\Explorer.EXE
[00-PROCESS]**fxssvc -/- C:\Windows\system32\fxssvc.exe
[00-PROCESS]**IDCLauncher -/- C:\Program Files\IDCLauncher\IDCLauncher.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**InsideTool -/- C:\Program Files\InsideTool\InsideTool.exe
[00-PROCESS]**koreamessenger_CP -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP.exe
[00-PROCESS]**koreamessenger_CP_updater -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP_updater.exe
[00-PROCESS]**locator -/- C:\Windows\system32\locator.exe
[00-PROCESS]**lsass -/- C:\Windows\system32\lsass.exe
[00-PROCESS]**lsm -/- C:\Windows\system32\lsm.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\Windows\System32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\Windows\system32\msiexec.exe
[00-PROCESS]**perfhost -/- C:\Windows\system32\perfhost.exe
[00-PROCESS]**Prepodo -/- C:\Users\Administrator\AppData\Roaming\Prepodo\Prepodo.exe
[00-PROCESS]**PrepodoRep -/- C:\Users\Administrator\AppData\Roaming\Prepodo\PrepodoRep.exe
[00-PROCESS]**PrepodoSvr -/- C:\Users\Administrator\AppData\Roaming\Prepodo\PrepodoSvr.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**RaclSvc -/- C:\Program Files\Racl\RaclSvc.exe
[00-PROCESS]**RaclUninst -/- C:\Program Files\Racl\RaclUninst.exe
[00-PROCESS]**SearchIndexer -/- C:\Windows\system32\SearchIndexer.exe
[00-PROCESS]**serbarmgr -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\serbarmgr.exe
[00-PROCESS]**serbarup -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\serbarup.exe
[00-PROCESS]**services -/- C:\Windows\system32\services.exe
[00-PROCESS]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[00-PROCESS]**skun -/- C:\Users\Administrator\AppData\Local\signkey\skun.exe
[00-PROCESS]**snmptrap -/- C:\Windows\System32\snmptrap.exe
[00-PROCESS]**spoolsv -/- C:\Windows\System32\spoolsv.exe
[00-PROCESS]**sppsvc -/- C:\Windows\system32\sppsvc.exe
[00-PROCESS]**STool -/- C:\Program Files\STool\STool.exe
[00-PROCESS]**svchost -/- C:\Windows\system32\svchost.exe
[00-PROCESS]**taskhost -/- C:\Windows\system32\taskhost.exe
[00-PROCESS]**TPAutoConnSvc -/- C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe
[00-PROCESS]**TPVCGateway -/- C:\Program Files\VMware\VMware Tools\TPVCGateway.exe
[00-PROCESS]**Trendpopup -/- C:\Program Files\Trendpopup\Trendpopup.exe
[00-PROCESS]**TrustedInstaller -/- C:\Windows\servicing\TrustedInstaller.exe
[00-PROCESS]**UI0Detect -/- C:\Windows\system32\UI0Detect.exe
[00-PROCESS]**vds -/- C:\Windows\System32\vds.exe
[00-PROCESS]**vmtoolsd -/- C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
[00-PROCESS]**vssvc -/- C:\Windows\system32\vssvc.exe
[00-PROCESS]**wbengine -/- C:\Windows\system32\wbengine.exe
[00-PROCESS]**windowchecker -/- C:\Program Files\windowchecker\windowchecker.exe
[00-PROCESS]**windowcheckerse -/- C:\Program Files\windowchecker\windowcheckerse.exe
[00-PROCESS]**windowcheckerU -/- C:\Program Files\windowchecker\windowcheckerU.exe
[00-PROCESS]**WindowNetworkManager -/- C:\Program Files\Window Network Manager\WindowNetworkManager.exe
[00-PROCESS]**WindowNetworkManagerUninstall -/- C:\Program Files\Window Network Manager\WindowNetworkManagerUninstall.exe
[00-PROCESS]**wininit -/- C:\Windows\system32\wininit.exe
[00-PROCESS]**winlogon -/- C:\Windows\system32\winlogon.exe
[00-PROCESS]**winpop -/- C:\Users\Administrator\AppData\Roaming\Prepodo\winpop.exe
[00-PROCESS]**winuserconfigdata -/- C:\Windows\winuserconfigdata.exe
[00-PROCESS]**WmiApSrv -/- C:\Windows\system32\wbem\WmiApSrv.exe
[00-PROCESS]**wmiprvse -/- C:\Windows\system32\wbem\wmiprvse.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**clover -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP.exe
[01-HKCUREG]**clover_u -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP_updater.exe
[01-HKCUREG]**Enumerate_gt -/- C:\Program Files\enumerate\gt\enumerate_gtu.exe subcmd
[01-HKCUREG]**IDCLauncher.exe -/- C:\Program Files\IDCLauncher\IDCLauncher.exe
[01-HKCUREG]**InsideTool -/- C:\Program Files\InsideTool\InsideTool.exe
[01-HKCUREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[01-HKCUREG]**serbar -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\serbarup.exe
[01-HKCUREG]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[01-HKCUREG]**STool -/- C:\Program Files\STool\STool.exe
[01-HKCUREG]**Trendpopup -/- C:\Program Files\Trendpopup\Trendpopup.exe
[01-HKCUREG]**VMware Tools -/- C:\Program Files\VMware\VMware Tools\VMwareTray.exe
[01-HKCUREG]**VMware User Process -/- C:\Program Files\VMware\VMware Tools\vmtoolsd.exe -n vmusr
[01-HKCUREG]**Window Network Manager -/- C:\Program Files\Window Network Manager\WindowNetworkManager.exe
[02-HKLMREG]**clover -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP.exe
[02-HKLMREG]**clover_u -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP_updater.exe
[02-HKLMREG]**Enumerate_gt -/- C:\Program Files\enumerate\gt\enumerate_gtu.exe subcmd
[02-HKLMREG]**IDCLauncher.exe -/- C:\Program Files\IDCLauncher\IDCLauncher.exe
[02-HKLMREG]**InsideTool -/- C:\Program Files\InsideTool\InsideTool.exe
[02-HKLMREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[02-HKLMREG]**serbar -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\serbarup.exe
[02-HKLMREG]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[02-HKLMREG]**STool -/- C:\Program Files\STool\STool.exe
[02-HKLMREG]**Trendpopup -/- C:\Program Files\Trendpopup\Trendpopup.exe
[02-HKLMREG]**VMware Tools -/- C:\Program Files\VMware\VMware Tools\VMwareTray.exe
[02-HKLMREG]**VMware User Process -/- C:\Program Files\VMware\VMware Tools\vmtoolsd.exe -n vmusr
[02-HKLMREG]**Window Network Manager -/- C:\Program Files\Window Network Manager\WindowNetworkManager.exe
[03-BHOCLSD]**Enumerate Top Search - GT -/- C:\Program Files\enumerate\gt\enumerate_gt.dll -/- {D128F178-5FD2-4DF6-8BE9-D001B5382AB5}
[03-BHOCLSD]**IESMon.Mon12 -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\serbarim.dll -/- {DB2B86D2-1996-4755-93F4-0D799A1CB567}
[03-BHOCLSD]**InsideTool -/- C:\Program Files\InsideTool\InsideTool.dll -/- {0B3B9D03-5E08-4E48-BF77-FC88443F3DC2}
[03-BHOCLSD]**STool -/- C:\Program Files\STool\STool.dll -/- {88B3E7BD-0AD1-44FD-823F-9E880D871D5D}
[04-TOOLBAR]**잠김영역복사 -/- C:\Program Files\Racl\RaclTB.dll -/- {BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}
[05-SERVICE]**boanfile -/- boanfile svc -/- C:\Program Files\boanfile\boanfilesvc.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**PrepodoSvr -/- SubShop -/- C:\Users\Administrator\AppData\Roaming\Prepodo\PrepodoSvr.exe
[05-SERVICE]**TPAutoConnSvc -/- TP AutoConnect Service -/- C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe
[05-SERVICE]**TPVCGateway -/- TP VC Gateway Service -/- C:\Program Files\VMware\VMware Tools\TPVCGateway.exe
[05-SERVICE]**VMTools -/- VMware Tools -/- C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
[05-SERVICE]**vmvss -/- VMware Snapshot Provider -/- C:\Windows\system32\dllhost.exe
[05-SERVICE]**windowchecker Update Service -/- windowchecker Support Service -/- C:\Windows\winuserconfigdata.exe
[05-SERVICE]**windowcheckerService -/- windowchecker Service -/- C:\Program Files\windowchecker\windowcheckerse.exe