프로그램분석

Code : a5Q660MLEXlXIyAiz7FfDfe+QMLp02mgOELlHQMTDg16gVkJ/QF3Jg==

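프로세스 천국 2013. 8. 10. 22:40

아래는 점검 도구가 출력한 목록이다. 태그로 보아 [00-PROCESS]는 실행 중인 프로세스, [01-HKCUREG]·[02-HKLMREG]는 레지스트리 자동 실행 항목, [03-BHOCLSD]는 브라우저 도우미 개체(BHO), [04-TOOLBAR]는 툴바, [05-SERVICE]는 서비스를 나타내는 것으로 보인다. 눈여겨볼 항목은 AppData\Roaming 아래에 있는 짧은 16진수 이름의 실행 파일들, C:\RECYCLER\S-1-5-21-... 폴더에서 실행되는 파일들(aara9, azza9, s1sh10, sxshin 계열)과 이를 가리키는 자동 실행 항목, 그리고 svchost.exe와 비슷하게 철자를 바꾼 C:\Windows\system32\SSVICHOSST.exe를 가리키는 'Yahoo Messengger' 항목이다. 이런 패턴은 악성코드 감염에서 흔히 보이는 징후이므로, 프로세스만 종료하지 말고 해당 파일과 HKCU·HKLM 양쪽의 자동 실행 항목을 함께 확인해야 한다.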

[00-PROCESS]**13b3 -/- c:\Users\Administrator\appdata\roaming\13b3.exe
[00-PROCESS]**14ea -/- c:\Users\Administrator\appdata\roaming\14ea.exe
[00-PROCESS]**2d99 -/- c:\Users\Administrator\appdata\roaming\2d99.exe
[00-PROCESS]**31a0 -/- c:\Users\Administrator\appdata\roaming\31a0.exe
[00-PROCESS]**408e -/- c:\Users\Administrator\appdata\roaming\408e.exe
[00-PROCESS]**47F5 -/- C:\Users\Administrator\AppData\Roaming\47F5.exe
[00-PROCESS]**4cde -/- c:\Users\Administrator\appdata\roaming\4cde.exe
[00-PROCESS]**55e3 -/- c:\Users\Administrator\appdata\roaming\55e3.exe
[00-PROCESS]**60fb -/- c:\Users\Administrator\appdata\roaming\60fb.exe
[00-PROCESS]**638b -/- c:\Users\Administrator\appdata\roaming\638b.exe
[00-PROCESS]**741f -/- c:\Users\Administrator\appdata\roaming\741f.exe
[00-PROCESS]**7844 -/- c:\Users\Administrator\appdata\roaming\7844.exe
[00-PROCESS]**9095 -/- c:\Users\Administrator\appdata\roaming\9095.exe
[00-PROCESS]**90F8 -/- C:\Users\Administrator\AppData\Roaming\90F8.exe
[00-PROCESS]**923a -/- c:\Users\Administrator\appdata\roaming\923a.exe
[00-PROCESS]**93F5 -/- C:\Users\Administrator\AppData\Roaming\93F5.exe
[00-PROCESS]**a204 -/- c:\Users\Administrator\appdata\roaming\a204.exe
[00-PROCESS]**a732 -/- c:\Users\Administrator\appdata\roaming\a732.exe
[00-PROCESS]**aara9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82290\aara9.exe
[00-PROCESS]**alg -/- C:\Windows\System32\alg.exe
[00-PROCESS]**atiesrxx -/- C:\Windows\system32\atiesrxx.exe
[00-PROCESS]**azza9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-861390\azza9.exe
[00-PROCESS]**b4ba -/- c:\Users\Administrator\appdata\roaming\b4ba.exe
[00-PROCESS]**c212 -/- c:\Users\Administrator\appdata\roaming\c212.exe
[00-PROCESS]**CCC -/- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[00-PROCESS]**ce -/- c:\Users\Administrator\appdata\roaming\ce.exe
[00-PROCESS]**CLIStart -/- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[00-PROCESS]**ctfmon -/- C:\Windows\system32\ctfmon.exe
[00-PROCESS]**d6c0 -/- c:\Users\Administrator\appdata\roaming\d6c0.exe
[00-PROCESS]**dllhost -/- C:\Windows\system32\dllhost.exe
[00-PROCESS]**Dwm -/- C:\Windows\system32\Dwm.exe
[00-PROCESS]**e726 -/- c:\Users\Administrator\appdata\roaming\e726.exe
[00-PROCESS]**ehRecvr -/- C:\Windows\ehome\ehRecvr.exe
[00-PROCESS]**ehsched -/- C:\Windows\ehome\ehsched.exe
[00-PROCESS]**Explorer -/- C:\Windows\Explorer.EXE
[00-PROCESS]**f01a -/- c:\Users\Administrator\appdata\roaming\f01a.exe
[00-PROCESS]**fe7d -/- c:\Users\Administrator\appdata\roaming\fe7d.exe
[00-PROCESS]**firefox -/- C:\Program Files\Aurora\firefox.exe
[00-PROCESS]**FlashPlayerPlugin_11_8_800_94 -/- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**Fuel.Service -/- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
[00-PROCESS]**fxssvc -/- C:\Windows\system32\fxssvc.exe
[00-PROCESS]**GoogleUpdate -/- C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
[00-PROCESS]**IDMan -/- C:\Program Files\Internet Download Manager\IDMan.exe
[00-PROCESS]**IEMonitor -/- C:\Program Files\Internet Download Manager\IEMonitor.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**locator -/- C:\Windows\system32\locator.exe
[00-PROCESS]**lsass -/- C:\Windows\system32\lsass.exe
[00-PROCESS]**maintenanceservice -/- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
[00-PROCESS]**MOM -/- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\Windows\System32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\Windows\system32\msiexec.exe
[00-PROCESS]**mspaint -/- C:\Windows\system32\mspaint.exe
[00-PROCESS]**perfhost -/- C:\Windows\system32\perfhost.exe
[00-PROCESS]**plugin-container -/- C:\Program Files\Aurora\plugin-container.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**realsched -/- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[00-PROCESS]**s1sh10 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87892\s1sh10.exe
[00-PROCESS]**SearchIndexer -/- C:\Windows\system32\SearchIndexer.exe
[00-PROCESS]**SMSvcHost -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[00-PROCESS]**Snagit32 -/- C:\Program Files\TechSmith\Snagit 10\Snagit32.exe
[00-PROCESS]**snagiteditor -/- C:\Program Files\TechSmith\Snagit 10\snagiteditor.exe
[00-PROCESS]**snmptrap -/- C:\Windows\System32\snmptrap.exe
[00-PROCESS]**spoolsv -/- C:\Windows\System32\spoolsv.exe
[00-PROCESS]**sppsvc -/- C:\Windows\system32\sppsvc.exe
[00-PROCESS]**svchost -/- C:\Windows\system32\svchost.exe
[00-PROCESS]**sxshin1 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81140\sxshin1.exe
[00-PROCESS]**sxshin1 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81240\sxshin1.exe
[00-PROCESS]**sxshin3 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81340\sxshin3.exe
[00-PROCESS]**sxshin4 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81350\sxshin4.exe
[00-PROCESS]**sxshin5 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81650\sxshin5.exe
[00-PROCESS]**sxshin6 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-86650\sxshin6.exe
[00-PROCESS]**sxshin7 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87650\sxshin7.exe
[00-PROCESS]**sxshin8 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87850\sxshin8.exe
[00-PROCESS]**sxshin9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87890\sxshin9.exe
[00-PROCESS]**taskhost -/- C:\Windows\system32\taskhost.exe
[00-PROCESS]**TrustedInstaller -/- C:\Windows\servicing\TrustedInstaller.exe
[00-PROCESS]**TSCHelp -/- C:\Program Files\TechSmith\Snagit 10\TSCHelp.exe
[00-PROCESS]**UI0Detect -/- C:\Windows\system32\UI0Detect.exe
[00-PROCESS]**vds -/- C:\Windows\System32\vds.exe
[00-PROCESS]**vssvc -/- C:\Windows\system32\vssvc.exe
[00-PROCESS]**wbengine -/- C:\Windows\system32\wbengine.exe
[00-PROCESS]**Whqmqi -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Whqmqi.exe
[00-PROCESS]**WmiApSrv -/- C:\Windows\system32\wbem\WmiApSrv.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[00-PROCESS]**Xhqmqj -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Xhqmqj.exe
[01-HKCUREG]**aa0rab9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82290\aara9.exe
[01-HKCUREG]**azzrab9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-861390\azza9.exe
[01-HKCUREG]**Google Update -/- C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe /c
[01-HKCUREG]**IDMan -/- C:\Program Files\Internet Download Manager\IDMan.exe /onboot
[01-HKCUREG]**Screen Saver Pro 3.1 -/- C:\Users\Administrator\AppData\Roaming\ScreenSaverPro.scr
[01-HKCUREG]**StartCCC -/- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun
[01-HKCUREG]**TkBellExe -/- C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
[01-HKCUREG]**Whqmqi -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Whqmqi.exe
[01-HKCUREG]**x1h2n9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87892\s1sh10.exe
[01-HKCUREG]**Xhqmqj -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Xhqmqj.exe
[01-HKCUREG]**xsh2n1 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81240\sxshin1.exe
[01-HKCUREG]**xsh2n3 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81340\sxshin3.exe
[01-HKCUREG]**xsh2n4 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81350\sxshin4.exe
[01-HKCUREG]**xsh2n5 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81650\sxshin5.exe
[01-HKCUREG]**xsh2n6 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-86650\sxshin6.exe
[01-HKCUREG]**xsh2n7 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87650\sxshin7.exe
[01-HKCUREG]**xsh2n8 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87850\sxshin8.exe
[01-HKCUREG]**xsh2n9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87890\sxshin9.exe
[01-HKCUREG]**xshin1 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81140\sxshin1.exe
[01-HKCUREG]**Yahoo Messengger -/- C:\Windows\system32\SSVICHOSST.exe
[02-HKLMREG]**aa0rab9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-82290\aara9.exe
[02-HKLMREG]**azzrab9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-861390\azza9.exe
[02-HKLMREG]**Google Update -/- C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe /c
[02-HKLMREG]**IDMan -/- C:\Program Files\Internet Download Manager\IDMan.exe /onboot
[02-HKLMREG]**Screen Saver Pro 3.1 -/- C:\Users\Administrator\AppData\Roaming\ScreenSaverPro.scr
[02-HKLMREG]**StartCCC -/- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun
[02-HKLMREG]**TkBellExe -/- C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
[02-HKLMREG]**Whqmqi -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Whqmqi.exe
[02-HKLMREG]**x1h2n9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87892\s1sh10.exe
[02-HKLMREG]**Xhqmqj -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Xhqmqj.exe
[02-HKLMREG]**xsh2n1 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81240\sxshin1.exe
[02-HKLMREG]**xsh2n3 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81340\sxshin3.exe
[02-HKLMREG]**xsh2n4 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81350\sxshin4.exe
[02-HKLMREG]**xsh2n5 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81650\sxshin5.exe
[02-HKLMREG]**xsh2n6 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-86650\sxshin6.exe
[02-HKLMREG]**xsh2n7 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87650\sxshin7.exe
[02-HKLMREG]**xsh2n8 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87850\sxshin8.exe
[02-HKLMREG]**xsh2n9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87890\sxshin9.exe
[02-HKLMREG]**xshin1 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81140\sxshin1.exe
[02-HKLMREG]**Yahoo Messengger -/- C:\Windows\system32\SSVICHOSST.exe
[03-BHOCLSD]**IDMIEHlprObj Class -/- C:\Program Files\Internet Download Manager\IDMIECC.dll -/- {0055C089-8582-441B-A0BF-17B458C2A3A8}
[03-BHOCLSD]**IDMIEHlprObj Class -/- C:\Program Files\Internet Download Manager\IDMIECC64.dll -/- {0055C089-8582-441B-A0BF-17B458C2A3A8}
[03-BHOCLSD]**RealPlayer Download and Record Plugin for Internet Explorer -/- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll -/- {3049C3E9-B461-4BC5-8870-4C09146192CA}
[03-BHOCLSD]**SnagIt Toolbar Loader -/- C:\Program Files\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll -/- {00C6482D-C502-44C8-8409-FCE54AD9C208}
[03-BHOCLSD]**SnagIt Toolbar Loader -/- C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll -/- {00C6482D-C502-44C8-8409-FCE54AD9C208}
[04-TOOLBAR]**Snagit -/- C:\Program Files\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll -/- {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}
[04-TOOLBAR]**Snagit -/- C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll -/- {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**AMD External Events Utility -/- AMD External Events Utility -/- C:\Windows\system32\atiesrxx.exe
[05-SERVICE]**AMD FUEL Service -/- AMD FUEL Service -/- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
[05-SERVICE]**lmhosts -/- TCP/IP NetBIOS Helper -/- C:\Windows\system32\svchost.exe -/- C:\Windows\System32\lltdsvc.dll
[05-SERVICE]**MozillaMaintenance -/- Mozilla Maintenance Service -/- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[05-SERVICE]**NlaSvc -/- Network Location Awareness -/- C:\Windows\System32\svchost.exe
[05-SERVICE]**nsi -/- Network Store Interface Service -/- C:\Windows\system32\svchost.exe
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe