Code : gYB4o73ofb4/573vIQXPArBBCIYxSYJHv3X6CUbUtDc=

프로그램분석

Code : gYB4o73ofb4/573vIQXPArBBCIYxSYJHv3X6CUbUtDc=

프로세스 천국 2013. 7. 30. 12:13

[00-PROCESS]**AdvTCApp -/- C:\Program Files\AdvTopC\AdvTCApp.exe
[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**ctfmon -/- C:\WINDOWS\system32\ctfmon.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**Explorer -/- C:\WINDOWS\Explorer.EXE
[00-PROCESS]**f_LPS -/- C:\Program Files\Fasoo DRM\f_LPS.exe
[00-PROCESS]**fclient -/- C:\Program Files\Fasoo DRM\fclient.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**fph -/- C:\Program Files\Fasoo DRM\fph.exe
[00-PROCESS]**gostyles -/- C:\Documents and Settings\Administrator\Application Data\gostyle\gostyles.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**infocard -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**IPPDSAgent -/- C:\Program Files\IPPDSAgent\IPPDSAgent.exe
[00-PROCESS]**IPPDSManager -/- C:\IPPDSManager\IPPDSManager.exe
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**Maxthon -/- C:\Program Files\Maxthon\Bin\Maxthon.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**nateon -/- c:\program files\nateon\bin\nateon.exe
[00-PROCESS]**NATEONMain -/- C:\program files\nateon\BIN\NATEONMain.exe
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**NOTEPAD -/- C:\WINDOWS\system32\NOTEPAD.EXE
[00-PROCESS]**powertime_mon -/- C:\Program Files\powertime\powertime_mon.exe
[00-PROCESS]**powertime_uc -/- C:\Program Files\powertime\powertime_uc.exe
[00-PROCESS]**PresentationFontCache -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**SNUpdate -/- C:\Program Files\SearchN\SNUpdate.exe
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**SubWing -/- C:\Documents and Settings\Administrator\Application Data\SubWing\SubWing.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**TCSearch -/- C:\Program Files\AdvTopC\TCSearch.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**tlntsvr -/- C:\WINDOWS\system32\tlntsvr.exe
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**weblinkup -/- C:\Documents and Settings\Administrator\Application Data\iniweblink\weblinkup.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00-PROCESS]**WMPNetwk -/- C:\Program Files\Windows Media Player\WMPNetwk.exe
[00-PROCESS]**wuauclt -/- C:\WINDOWS\system32\wuauclt.exe
[01-HKCUREG]**Adv_TopC -/- C:\Program Files\AdvTopC\TCSearch.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**FPH Exe -/- C:\Program Files\Fasoo DRM\fph.exe
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**iniweblink -/- C:\Documents and Settings\Administrator\Application Data\iniweblink\weblinkup.exe
[01-HKCUREG]**NATEON -/- c:\program files\nateon\bin\nateon.exe -as
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**powertime -/- C:\Program Files\powertime\powertime_uc.exe /run
[01-HKCUREG]**SearchN -/- C:\Program Files\SearchN\SNUpdate.exe
[01-HKCUREG]**SubWing -/- C:\Documents and Settings\Administrator\Application Data\SubWing\SubWing.exe
[01-HKCUREG]**zcl -/- C:\Program Files\Fasoo DRM\fclient.exe
[02-HKLMREG]**Adv_TopC -/- C:\Program Files\AdvTopC\TCSearch.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**FPH Exe -/- C:\Program Files\Fasoo DRM\fph.exe
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**iniweblink -/- C:\Documents and Settings\Administrator\Application Data\iniweblink\weblinkup.exe
[02-HKLMREG]**NATEON -/- c:\program files\nateon\bin\nateon.exe -as
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**powertime -/- C:\Program Files\powertime\powertime_uc.exe /run
[02-HKLMREG]**SearchN -/- C:\Program Files\SearchN\SNUpdate.exe
[02-HKLMREG]**SubWing -/- C:\Documents and Settings\Administrator\Application Data\SubWing\SubWing.exe
[02-HKLMREG]**zcl -/- C:\Program Files\Fasoo DRM\fclient.exe
[03-BHOCLSD]**SearchNCtrl Class -/- C:\Program Files\SearchN\SearchN.dll -/- {FE14A4CA-5CFA-4C05-9274-6006397B68C9}
[03-BHOCLSD]**Smart TC -/- C:\Program Files\AdvTopC\TCHelper.dll -/- {3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**Fasoo Process Service -/- Fasoo Process Service -/- C:\Program Files\Fasoo DRM\f_LPS.exe
[05-SERVICE]**gostyle -/- ADCool System -/- C:\Documents and Settings\Administrator\Application Data\gostyle\gostyles.exe
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**uywvpt -/- PowerTime Manager -/- C:\Program Files\powertime\powertime_mon.exe