Code : ssmF4s3/f/qH4uZabXLlvQWMq+Lk5TkWC1a5vx1UTmU=

프로그램분석

Code : ssmF4s3/f/qH4uZabXLlvQWMq+Lk5TkWC1a5vx1UTmU=

프로세스 천국 2013. 7. 31. 20:58

[00-PROCESS]**alg -/- C:\Windows\System32\alg.exe
[00-PROCESS]**aplus -/- C:\Users\Administrator\AppData\Local\Microsoft\Windows aplus\aplus.exe
[00-PROCESS]**atieclxx -/- C:\Windows\system32\atieclxx.exe
[00-PROCESS]**atiesrxx -/- C:\Windows\system32\atiesrxx.exe
[00-PROCESS]**AUDIODG -/- C:\Windows\system32\AUDIODG.EXE
[00-PROCESS]**csrss -/- C:\Windows\system32\csrss.exe
[00-PROCESS]**DaumCleaner -/- C:\Program Files\Daum\Cleaner\DaumCleaner.exe
[00-PROCESS]**DaumCleanerService -/- C:\Program Files\Daum\Cleaner\DaumCleanerService.exe
[00-PROCESS]**DaumStation -/- C:\Program Files\Daum\DaumStation\DaumStation.exe
[00-PROCESS]**DaumStationService -/- C:\Program Files\Daum\DaumStation\DaumStationService.exe
[00-PROCESS]**dllhost -/- C:\Windows\system32\dllhost.exe
[00-PROCESS]**Dwm -/- C:\Windows\system32\Dwm.exe
[00-PROCESS]**ehRecvr -/- C:\Windows\ehome\ehRecvr.exe
[00-PROCESS]**ehsched -/- C:\Windows\ehome\ehsched.exe
[00-PROCESS]**Explorer -/- C:\Windows\Explorer.EXE
[00-PROCESS]**FlashPlayerUpdateService -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**FNPLicensingService -/- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[00-PROCESS]**fxssvc -/- C:\Windows\system32\fxssvc.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GoogleUpdaterService -/- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[00-PROCESS]**GROOVE -/- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
[00-PROCESS]**HeciServer -/- c:\Program Files\Intel\iCLS Client\HeciServer.exe
[00-PROCESS]**ICCProxy -/- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**ImageSAFERStart_X64 -/- C:\Windows\system32\ImageSAFERStart_X64.exe
[00-PROCESS]**ImageSAFERStart_X86 -/- C:\Windows\system32\ImageSAFERStart_X86.exe
[00-PROCESS]**ImageSAFERSvc -/- C:\Windows\ImageSAFERSvc.exe
[00-PROCESS]**IMEDICTUPDATE -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**IntelCpHeciSvc -/- C:\Windows\system32\IntelCpHeciSvc.exe
[00-PROCESS]**IntelMeFWService -/- C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
[00-PROCESS]**jhi_service -/- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
[00-PROCESS]**jusched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[00-PROCESS]**Kies -/- C:\Program Files\Samsung\Kies\Kies.exe
[00-PROCESS]**KiesPDLR -/- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
[00-PROCESS]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[00-PROCESS]**koreamessenger_CP_updater -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP_updater.exe
[00-PROCESS]**LMS -/- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[00-PROCESS]**locator -/- C:\Windows\system32\locator.exe
[00-PROCESS]**lsass -/- C:\Windows\system32\lsass.exe
[00-PROCESS]**lsm -/- C:\Windows\system32\lsm.exe
[00-PROCESS]**mDNSResponder -/- C:\Program Files\Bonjour\mDNSResponder.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\Windows\System32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\Windows\system32\msiexec.exe
[00-PROCESS]**MSOSYNC -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[00-PROCESS]**NaverAdminAPISvc -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[00-PROCESS]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe
[00-PROCESS]**ncleaner -/- C:\Program Files\naver\NaverCleaner\ncleaner.exe
[00-PROCESS]**NCleanService -/- C:\Program Files\naver\NaverCleaner\NCleanService.exe
[00-PROCESS]**ONENOTEM -/- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**OSPPSVC -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[00-PROCESS]**perfhost -/- C:\Windows\system32\perfhost.exe
[00-PROCESS]**PopupClean -/- C:\Program Files\PopupClean\PopupClean.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**RaclSvc -/- C:\Program Files\Racl\RaclSvc.exe
[00-PROCESS]**RashicInt -/- C:\Users\Administrator\AppData\Roaming\RashicInt\RashicInt.exe
[00-PROCESS]**RashicIntSvr -/- C:\Users\Administrator\AppData\Roaming\RashicInt\RashicIntSvr.exe
[00-PROCESS]**Reader_sl -/- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[00-PROCESS]**RIconMan -/- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
[00-PROCESS]**SearchIndexer -/- C:\Windows\system32\SearchIndexer.exe
[00-PROCESS]**services -/- C:\Windows\system32\services.exe
[00-PROCESS]**sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe
[00-PROCESS]**snmptrap -/- C:\Windows\System32\snmptrap.exe
[00-PROCESS]**spoolsv -/- C:\Windows\System32\spoolsv.exe
[00-PROCESS]**sppsvc -/- C:\Windows\system32\sppsvc.exe
[00-PROCESS]**svchost -/- C:\Windows\system32\svchost.exe
[00-PROCESS]**taskeng -/- C:\Windows\system32\taskeng.exe
[00-PROCESS]**taskhost -/- C:\Windows\system32\taskhost.exe
[00-PROCESS]**TrustedInstaller -/- C:\Windows\servicing\TrustedInstaller.exe
[00-PROCESS]**UI0Detect -/- C:\Windows\system32\UI0Detect.exe
[00-PROCESS]**UNS -/- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
[00-PROCESS]**UpdateModule -/- C:\Program Files\PopupClean\UpdateModule.exe
[00-PROCESS]**V3LSvc -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[00-PROCESS]**V3LTray -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe
[00-PROCESS]**vds -/- C:\Windows\System32\vds.exe
[00-PROCESS]**vssvc -/- C:\Windows\system32\vssvc.exe
[00-PROCESS]**WatAdminSvc -/- C:\Windows\system32\Wat\WatAdminSvc.exe
[00-PROCESS]**wbengine -/- C:\Windows\system32\wbengine.exe
[00-PROCESS]**wininit -/- C:\Windows\system32\wininit.exe
[00-PROCESS]**winlogon -/- C:\Windows\system32\winlogon.exe
[00-PROCESS]**winpop -/- C:\Users\Administrator\AppData\Roaming\RashicInt\winpop.exe
[00-PROCESS]**WmiApSrv -/- C:\Windows\system32\wbem\WmiApSrv.exe
[00-PROCESS]**wmiprvse -/- C:\Windows\system32\wbem\wmiprvse.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[00-PROCESS]**WUDFHost -/- C:\Windows\system32\WUDFHost.exe
[01-HKCUREG]**Adobe Reader Speed Launcher -/- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[01-HKCUREG]**AdobePSL32 -/- C:\Windows\system32\AdobePSL32.exe
[01-HKCUREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[01-HKCUREG]**clover -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP.exe
[01-HKCUREG]**clover_u -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP_updater.exe
[01-HKCUREG]**DaumCleaner -/- C:\Program Files\Daum\Cleaner\DaumCleaner.exe /T
[01-HKCUREG]**DaumStation -/- C:\Program Files\Daum\DaumStation\DaumStation.exe
[01-HKCUREG]**FindLock -/- C:\Users\Administrator\AppData\Roaming\FindLock\fnlag.exe
[01-HKCUREG]**guardtam -/- C:\Users\Administrator\AppData\Roaming\theam\common\bin\tamguard.exe
[01-HKCUREG]**iniweblink -/- C:\ProgramData\iniweblink\weblinkup.exe
[01-HKCUREG]**KiesPreload -/- C:\Program Files\Samsung\Kies\Kies.exe /preload
[01-HKCUREG]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[01-HKCUREG]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe /autorun
[01-HKCUREG]**NCleaner -/- C:\Program Files\naver\NaverCleaner\ncleaner.exe /reboot
[01-HKCUREG]**OfficeSyncProcess -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[01-HKCUREG]**PopupClean -/- C:\Program Files\PopupClean\UpdateModule.exe S AUTORUN_TRAY
[01-HKCUREG]**primead.exe -/- C:\Program Files\primead\primead.exe
[01-HKCUREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[01-HKCUREG]**sbnew -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\sbnewup.exe
[01-HKCUREG]**Sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[01-HKCUREG]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[01-HKCUREG]**STool -/- C:\Program Files\STool\STool.exe
[01-HKCUREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[01-HKCUREG]**tamgrd -/- C:\Users\Administrator\AppData\Roaming\theam\common\bin\TheAm.exe
[01-HKCUREG]**TheAM -/- C:\Users\Administrator\AppData\Roaming\theam\common\bin\TAMUpdate.exe
[01-HKCUREG]**Window Network Manager -/- C:\Program Files\Window Network Manager\WindowNetworkManager.exe
[02-HKLMREG]**Adobe Reader Speed Launcher -/- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[02-HKLMREG]**AdobePSL32 -/- C:\Windows\system32\AdobePSL32.exe
[02-HKLMREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[02-HKLMREG]**clover -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP.exe
[02-HKLMREG]**clover_u -/- C:\Program Files\KoreaMessenger CP\koreamessenger_CP_updater.exe
[02-HKLMREG]**DaumCleaner -/- C:\Program Files\Daum\Cleaner\DaumCleaner.exe /T
[02-HKLMREG]**DaumStation -/- C:\Program Files\Daum\DaumStation\DaumStation.exe
[02-HKLMREG]**FindLock -/- C:\Users\Administrator\AppData\Roaming\FindLock\fnlag.exe
[02-HKLMREG]**guardtam -/- C:\Users\Administrator\AppData\Roaming\theam\common\bin\tamguard.exe
[02-HKLMREG]**iniweblink -/- C:\ProgramData\iniweblink\weblinkup.exe
[02-HKLMREG]**KiesPreload -/- C:\Program Files\Samsung\Kies\Kies.exe /preload
[02-HKLMREG]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[02-HKLMREG]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe /autorun
[02-HKLMREG]**NCleaner -/- C:\Program Files\naver\NaverCleaner\ncleaner.exe /reboot
[02-HKLMREG]**OfficeSyncProcess -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[02-HKLMREG]**PopupClean -/- C:\Program Files\PopupClean\UpdateModule.exe S AUTORUN_TRAY
[02-HKLMREG]**primead.exe -/- C:\Program Files\primead\primead.exe
[02-HKLMREG]**Racl -/- C:\Program Files\Racl\RaclSvc.exe
[02-HKLMREG]**sbnew -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\sbnewup.exe
[02-HKLMREG]**Sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[02-HKLMREG]**signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
[02-HKLMREG]**STool -/- C:\Program Files\STool\STool.exe
[02-HKLMREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[02-HKLMREG]**tamgrd -/- C:\Users\Administrator\AppData\Roaming\theam\common\bin\TheAm.exe
[02-HKLMREG]**TheAM -/- C:\Users\Administrator\AppData\Roaming\theam\common\bin\TAMUpdate.exe
[02-HKLMREG]**Window Network Manager -/- C:\Program Files\Window Network Manager\WindowNetworkManager.exe
[03-BHOCLSD]**Adobe PDF Reader 링크 도우미 -/- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll -/- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[03-BHOCLSD]**Daum 클리너 -/- C:\Program Files\Daum\Cleaner\DaumStart.1.5.0.131.dll -/- {BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}
[03-BHOCLSD]**Groove GFS Browser Helper -/- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL -/- {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
[03-BHOCLSD]**Office Document Cache Handler -/- C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL -/- {B4F3A835-0E21-4959-BA22-42B3008E02FF}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**allpopup -/- allpopup svc -/- C:\Program Files\allpopup\allpopsvi.exe
[05-SERVICE]**AMD External Events Utility -/- AMD External Events Utility -/- C:\Windows\system32\atiesrxx.exe
[05-SERVICE]**Autodesk Licensing Service -/- Autodesk Licensing Service -/- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
[05-SERVICE]**Bonjour Service -/- ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## -/- C:\Program Files\Bonjour\mDNSResponder.exe
[05-SERVICE]**cphs -/- Intel(R) Content Protection HECI Service -/- C:\Windows\system32\IntelCpHeciSvc.exe
[05-SERVICE]**DaumCleanerService -/- DaumCleanerService -/- C:\Program Files\Daum\Cleaner\DaumCleanerService.exe
[05-SERVICE]**DaumStationService -/- DaumStationService -/- C:\Program Files\Daum\DaumStation\DaumStationService.exe
[05-SERVICE]**FLEXnet Licensing Service -/- FLEXnet Licensing Service -/- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[05-SERVICE]**gupdate -/- Google 업데이트 서비스 (gupdate) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- Google 업데이트 서비스 (gupdatem) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gusvc -/- Google Updater Service -/- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[05-SERVICE]**ICCS -/- Intel(R) Integrated Clock Controller Service - Intel(R) ICCS -/- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
[05-SERVICE]**IconMan_R -/- IconMan_R -/- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
[05-SERVICE]**Image Protection -/- Image Protect Service -/- C:\Windows\ImageSAFERSvc.exe
[05-SERVICE]**ImeDictUpdateService -/- Microsoft IME Dictionary Update -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
[05-SERVICE]**Intel(R) Capability Licensing Service Interface -/- Intel(R) Capability Licensing Service Interface -/- c:\Program Files\Intel\iCLS Client\HeciServer.exe
[05-SERVICE]**Intel(R) ME Service -/- Intel(R) ME Service -/- C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
[05-SERVICE]**InternetSafer Protector -/- InternetSafer Protector Application -/- C:\Program Files\Windows InternetSafer\intsfsrv.exe
[05-SERVICE]**jhi_service -/- Intel(R) Dynamic Application Loader Host Interface Service -/- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
[05-SERVICE]**KMService -/- KMService -/- C:\Windows\system32\srvany.exe
[05-SERVICE]**LMS -/- Intel(R) Management and Security Application Local Management Service -/- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[05-SERVICE]**Microsoft SharePoint Workspace Audit Service -/- Microsoft SharePoint Workspace Audit Service -/- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
[05-SERVICE]**Naver Updater -/- Naver Updater -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[05-SERVICE]**NCleanService -/- Naver Cleaner Admin Service -/- C:\Program Files\naver\NaverCleaner\NCleanService.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[05-SERVICE]**ose64 -/- Office 64 Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**osppsvc -/- Office Software Protection Platform -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**RashicIntSvr -/- SubShop -/- C:\Users\Administrator\AppData\Roaming\RashicInt\RashicIntSvr.exe
[05-SERVICE]**StorSvc -/- Storage Service -/- C:\Windows\System32\svchost.exe -/- C:\Windows\system32\storsvc.dll
[05-SERVICE]**UNS -/- Intel(R) Management and Security Application User Notification Service -/- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
[05-SERVICE]**V3 Lite Service -/- V3 Lite Service -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe