Code : aR/i5zksvdj7fg7W9e3AJjkC29HgJaKcC8an+bTaOZB/EG1yAX5aZw==

프로그램분석

Code : aR/i5zksvdj7fg7W9e3AJjkC29HgJaKcC8an+bTaOZB/EG1yAX5aZw==

프로세스 천국 2013. 8. 5. 22:50

[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**conime -/- C:\WINDOWS\system32\conime.exe
[00-PROCESS]**ctfmon -/- C:\WINDOWS\system32\ctfmon.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**dmadmin -/- C:\WINDOWS\System32\dmadmin.exe
[00-PROCESS]**Explorer -/- C:\WINDOWS\Explorer.EXE
[00-PROCESS]**GuardConvert -/- C:\Documents and Settings\Administrator\Application Data\GuardSupport\GuardConvert.exe
[00-PROCESS]**HPBOID -/- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
[00-PROCESS]**HPBPRO -/- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**IMEKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**infocard -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**MicroProCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe
[00-PROCESS]**MicroProProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**nTuneService -/- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
[00-PROCESS]**nvsvc32 -/- C:\WINDOWS\system32\nvsvc32.exe
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**PresentationFontCache -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**regsvr32 -/- C:\WINDOWS\system32\regsvr32.exe
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**RUNDLL32 -/- C:\WINDOWS\system32\RUNDLL32.EXE
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**SecureUpdate -/- C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**SMSvcHost -/- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**tlntsvr -/- C:\WINDOWS\system32\tlntsvr.exe
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[01-HKCUREG]**GuardSupport -/- C:\Documents and Settings\Administrator\Application Data\GuardSupport\GuardConvert.exe -LfWMalTTG
[01-HKCUREG]**imekrmig7.0 -/- C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**KernelFaultCheck -/- %systemroot%\system32\dumprep 0 -k
[01-HKCUREG]**MicroLabCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -Zukbp
[01-HKCUREG]**MicroLabProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -Zukbp
[01-HKCUREG]**MicroProCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -LfWMalTTG
[01-HKCUREG]**MicroProProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -LfWMalTTG
[01-HKCUREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[01-HKCUREG]**NvMediaCenter -/- RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dllNvTaskbarInit
[01-HKCUREG]**nwiz -/- nwiz.exe /install
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[02-HKLMREG]**GuardSupport -/- C:\Documents and Settings\Administrator\Application Data\GuardSupport\GuardConvert.exe -LfWMalTTG
[02-HKLMREG]**imekrmig7.0 -/- C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**KernelFaultCheck -/- %systemroot%\system32\dumprep 0 -k
[02-HKLMREG]**MicroLabCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -Zukbp
[02-HKLMREG]**MicroLabProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -Zukbp
[02-HKLMREG]**MicroProCon -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProCon.exe -LfWMalTTG
[02-HKLMREG]**MicroProProc -/- C:\Documents and Settings\Administrator\Application Data\MicroLab\MyEngin\Common\MicroProProc.exe -LfWMalTTG
[02-HKLMREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[02-HKLMREG]**NvMediaCenter -/- RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dllNvTaskbarInit
[02-HKLMREG]**nwiz -/- nwiz.exe /install
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[03-BHOCLSD]**IEHlprObj Class -/- C:\WINDOWS\system32\kakutk.dll -/- {AB705622-B25B-491B-A6BF-4A46FDDBC88E}
[05-SERVICE]**gnab_device -/- gnab_device -/- C:\WINDOWS\system32\GNabcoms.exe -service
[05-SERVICE]**HP Port Resolver -/- HP Port Resolver -/- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
[05-SERVICE]**HP Status Server -/- HP Status Server -/- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**Net Driver HPZ12 -/- Net Driver HPZ12 -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\HPZinw12.dll
[05-SERVICE]**nosGetPlusHelper -/- getPlus(R) Helper 3004 -/- C:\WINDOWS\System32\svchost.exe -/- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
[05-SERVICE]**npggsvc -/- nProtect GameGuard Service -/- C:\WINDOWS\system32\GameMon.des -service
[05-SERVICE]**nTuneService -/- nTune Service -/- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
[05-SERVICE]**NVSvc -/- NVIDIA Display Driver Service -/- C:\WINDOWS\system32\nvsvc32.exe
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**Pml Driver HPZ12 -/- Pml Driver HPZ12 -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\HPZipm12.dll
[05-SERVICE]**SecureUpdateSvc -/- SecureUpdate -/- C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe
[05-SERVICE]**TCCheckAgent -/- TCCheckAgent -/- C:\Program Files\AdvTopC\TCCheckAgent.exe
[05-SERVICE]**usprserv -/- User Privilege Service -/- C:\WINDOWS\System32\svchost.exe
[05-SERVICE]**uvebfm -/- Monitor Microsoft -/- C:\WINDOWS\System32\svchost.exe