Code : yBImrqqlZfsHn3xjrPMoUuLKZddwXp2KQC1HVWl4zUArLzVyoJdsNA==

프로그램분석

Code : yBImrqqlZfsHn3xjrPMoUuLKZddwXp2KQC1HVWl4zUArLzVyoJdsNA==

프로세스 천국 2013. 8. 19. 12:55

[00-PROCESS]**1 -/- C:\Documents and Settings\Administrator\Application Data\1.exe
[00-PROCESS]**2 -/- C:\Documents and Settings\Administrator\Application Data\2.exe
[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[00-PROCESS]**Bgrkrl -/- C:\Documents and Settings\Administrator\Application Data\Microsoft\Bgrkrl.exe
[00-PROCESS]**Cgrkrm -/- C:\Documents and Settings\Administrator\Application Data\Microsoft\Cgrkrm.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**csrss -/- C:\WINDOWS\system32\csrss.exe
[00-PROCESS]**ctfmon -/- C:\WINDOWS\system32\ctfmon.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**dmadmin -/- C:\WINDOWS\System32\dmadmin.exe
[00-PROCESS]**Explorer -/- C:\WINDOWS\Explorer.EXE
[00-PROCESS]**firefox -/- C:\Program Files\Mozilla Firefox\firefox.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**inetb123 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-121921\inetb123.exe
[00-PROCESS]**infocard -/- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**mscorsvw -/- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**NMIndexingService -/- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
[00-PROCESS]**notepad -/- C:\WINDOWS\system32\notepad.exe
[00-PROCESS]**nvsvc32 -/- C:\WINDOWS\system32\nvsvc32.exe
[00-PROCESS]**PresentationFontCache -/- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**s222h10 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-22892\s222h10.exe
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**SMSvcHost -/- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**Styler -/- C:\Program Files\ESAP 3\Windows 7 - Styler\Styler.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**sxsh10 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87891\sxsh10.exe
[00-PROCESS]**tlntsvr -/- C:\WINDOWS\system32\tlntsvr.exe
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00-PROCESS]**wmiprvse -/- C:\WINDOWS\system32\wbem\wmiprvse.exe
[01-HKCUREG]**Bgrkrl -/- C:\Documents and Settings\Administrator\Application Data\Microsoft\Bgrkrl.exe
[01-HKCUREG]**Cgrkrm -/- C:\Documents and Settings\Administrator\Application Data\Microsoft\Cgrkrm.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**inetb123 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-121921\inetb123.exe
[01-HKCUREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[01-HKCUREG]**SkyTel -/- SkyTel.EXE
[01-HKCUREG]**Styler -/- C:\Program Files\ESAP 3\Windows 7 - Styler\Styler.exe
[01-HKCUREG]**x222n9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-22892\s222h10.exe
[02-HKLMREG]**Bgrkrl -/- C:\Documents and Settings\Administrator\Application Data\Microsoft\Bgrkrl.exe
[02-HKLMREG]**Cgrkrm -/- C:\Documents and Settings\Administrator\Application Data\Microsoft\Cgrkrm.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**inetb123 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-121921\inetb123.exe
[02-HKLMREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[02-HKLMREG]**SkyTel -/- SkyTel.EXE
[02-HKLMREG]**Styler -/- C:\Program Files\ESAP 3\Windows 7 - Styler\Styler.exe
[02-HKLMREG]**x222n9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-22892\s222h10.exe
[04-TOOLBAR]**StylerToolBar -/- C:\Program Files\ESAP 3\Windows 7 - Styler\TB\StylerTB.dll -/- {D2F8F919-690B-4EA2-9FA7-A203D1E04F75}
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**NMIndexingService -/- NMIndexingService -/- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
[05-SERVICE]**NVSvc -/- NVIDIA Display Driver Service -/- C:\WINDOWS\system32\nvsvc32.exe