Program Analysis

Code : r5H4AxSwlmzRML9YJHbLbIDCBQBfH/qqyuYdw32oTThQw1z0UAgv2g==

프로세스 천국 2013. 9. 9. 22:42

[00-PROCESS]**AdobeARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[00-PROCESS]**AESTSr64 -/- C:\Program Files\IDT\WDM\AESTSr64.exe
[00-PROCESS]**alg -/- C:\Windows\System32\alg.exe
[00-PROCESS]**armsvc -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[00-PROCESS]**ascsvc -/- C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe
[00-PROCESS]**aspnet_state -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
[00-PROCESS]**atiesrxx -/- C:\Windows\system32\atiesrxx.exe
[00-PROCESS]**browser -/- C:\Users\Administrator\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
[00-PROCESS]**CISVC -/- C:\Windows\system32\CISVC.EXE
[00-PROCESS]**dllhost -/- C:\Windows\system32\dllhost.exe
[00-PROCESS]**Dwm -/- C:\Windows\system32\Dwm.exe
[00-PROCESS]**ehRecvr -/- C:\Windows\ehome\ehRecvr.exe
[00-PROCESS]**ehsched -/- C:\Windows\ehome\ehsched.exe
[00-PROCESS]**Explorer -/- C:\Windows\Explorer.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**FlashUtil64_11_8_800_94_ActiveX -/- C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe
[00-PROCESS]**Hpservice -/- C:\Windows\system32\Hpservice.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**IEXPLORE -/- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**locator -/- C:\Windows\system32\locator.exe
[00-PROCESS]**lsass -/- C:\Windows\system32\lsass.exe
[00-PROCESS]**mqsvc -/- C:\Windows\system32\mqsvc.exe
[00-PROCESS]**mqtgsvc -/- C:\Windows\system32\mqtgsvc.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\Windows\System32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\Windows\system32\msiexec.exe
[00-PROCESS]**perfhost -/- C:\Windows\system32\perfhost.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**rundll32 -/- C:\Windows\system32\rundll32.exe
[00-PROCESS]**SearchIndexer -/- C:\Windows\system32\SearchIndexer.exe
[00-PROCESS]**SMSvcHost -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[00-PROCESS]**snmp -/- C:\Windows\System32\snmp.exe
[00-PROCESS]**snmptrap -/- C:\Windows\System32\snmptrap.exe
[00-PROCESS]**splwow64 -/- C:\Windows\splwow64.exe
[00-PROCESS]**spoolsv -/- C:\Windows\System32\spoolsv.exe
[00-PROCESS]**sppsvc -/- C:\Windows\system32\sppsvc.exe
[00-PROCESS]**ssb6msm -/- C:\windows\system32\spool\drivers\x64\3\ssb6msm.exe
[00-PROCESS]**STacSV64 -/- C:\Program Files\IDT\WDM\STacSV64.exe
[00-PROCESS]**sttray64 -/- C:\Program Files\IDT\WDM\sttray64.exe
[00-PROCESS]**tcpsvcs -/- C:\Windows\System32\tcpsvcs.exe
[00-PROCESS]**tlntsvr -/- C:\Windows\System32\tlntsvr.exe
[00-PROCESS]**TrustedInstaller -/- C:\Windows\servicing\TrustedInstaller.exe
[00-PROCESS]**UI0Detect -/- C:\Windows\system32\UI0Detect.exe
[00-PROCESS]**vds -/- C:\Windows\System32\vds.exe
[00-PROCESS]**vssvc -/- C:\Windows\system32\vssvc.exe
[00-PROCESS]**WatAdminSvc -/- C:\Windows\system32\Wat\WatAdminSvc.exe
[00-PROCESS]**wbengine -/- C:\Windows\system32\wbengine.exe
[00-PROCESS]**WmiApSrv -/- C:\Windows\system32\wbem\WmiApSrv.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**Advanced SystemCare Ultimate -/- C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe /AutoStart
[01-HKCUREG]**ConvertAd -/- C:\Users\Administrator\AppData\Local\ConvertAd\ConvertAd.exe
[01-HKCUREG]**NTRedirect -/- C:\Windows\system32\rundll32.exe  C:\Users\Administrator\AppData\Roaming\BabSolution\Shared\enhancedNT.dllRun
[01-HKCUREG]**SysTrayApp -/- C:\Program Files\IDT\WDM\sttray64.exe
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**Advanced SystemCare Ultimate -/- C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe /AutoStart
[02-HKLMREG]**ConvertAd -/- C:\Users\Administrator\AppData\Local\ConvertAd\ConvertAd.exe
[02-HKLMREG]**NTRedirect -/- C:\Windows\system32\rundll32.exe  C:\Users\Administrator\AppData\Roaming\BabSolution\Shared\enhancedNT.dllRun
[02-HKLMREG]**SysTrayApp -/- C:\Program Files\IDT\WDM\sttray64.exe
[03-BHOCLSD]**Advanced SystemCare Browser Protection -/- C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL -/- {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[03-BHOCLSD]**DealPly -/- C:\Program Files\DealPly\DealPlyIE.dll -/- {EF7BD87A-8024-11E2-F316-F3E56188709B}
[03-BHOCLSD]**Java(tm) Plug-In 2 SSV Helper -/- C:\Program Files\Java\jre7\bin\jp2ssv.dll -/- {DBC80044-A445-435b-BC74-9C25C1C588A9}
[03-BHOCLSD]**Java(tm) Plug-In SSV Helper -/- C:\Program Files\Java\jre7\bin\ssv.dll -/- {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
[03-BHOCLSD]**N.A -/- N.A -/- {8984B388-A5BB-4DF7-B274-77B879E179DB}
[03-BHOCLSD]**Визуальные закладки -/- C:\Program Files\Yandex\FastDial\fastdialHost.dll -/- {D5FEC983-01DB-414a-9456-AF95AC9ED7B5}
[04-TOOLBAR]**Элементы Яндекса -/- C:\Program Files\Yandex\Elements\bartabhost.dll -/- {91397D20-1446-11D4-8AF4-0040CA1127B6}
[05-SERVICE]**AdobeARMservice -/- Adobe Acrobat Update Service -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**AdvancedSystemCareService6 -/- Advanced SystemCare Service 6 -/- C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe
[05-SERVICE]**AESTFilters -/- Andrea ST Filters Service -/- C:\Program Files\IDT\WDM\AESTSr64.exe
[05-SERVICE]**AMD External Events Utility -/- AMD External Events Utility -/- C:\Windows\system32\atiesrxx.exe
[05-SERVICE]**AppHostSvc -/- AppHostSvc -/- %windir%\system32\svchost.exe -/- %windir%\system32\inetsrv\apphostsvc.dll
[05-SERVICE]**ASCAntivirusSrv -/- AdvancedSystemCareAntivirus -/- C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
[05-SERVICE]**FontCache -/- Служба кэша шрифтов Windows -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\FntCache.dll
[05-SERVICE]**hpsrv -/- HP Service -/- C:\Windows\system32\Hpservice.exe
[05-SERVICE]**IISADMIN -/- IISADMIN -/- %windir%\system32\inetsrv\inetinfo.exe
[05-SERVICE]**iprip -/- Прослушиватель RIP -/- C:\Windows\System32\svchost.exe -/- C:\Windows\System32\iprip.dll
[05-SERVICE]**KMService -/- KMService -/- C:\Windows\system32\srvany.exe
[05-SERVICE]**lmhosts -/- Модуль поддержки NetBIOS через TCP/IP -/- C:\Windows\system32\svchost.exe -/- C:\Windows\System32\lltdsvc.dll
[05-SERVICE]**MSMQ -/- Очередь сообщений -/- C:\Windows\system32\mqsvc.exe
[05-SERVICE]**MSMQTriggers -/- Триггеры очереди сообщений -/- C:\Windows\system32\mqtgsvc.exe
[05-SERVICE]**NetMsmqActivator -/- Адаптер прослушивателя Net.Msmq -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe -NetMsmqActivator
[05-SERVICE]**NetPipeActivator -/- Адаптер прослушивателя Net.Pipe -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpActivator -/- Адаптер прослушивателя Net.Tcp -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpPortSharing -/- Служба общего доступа к портам Net.Tcp -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NlaSvc -/- Служба сведений о подключенных сетях -/- C:\Windows\System32\svchost.exe
[05-SERVICE]**nsi -/- Служба интерфейса сохранения сети -/- C:\Windows\system32\svchost.exe
[05-SERVICE]**PerfHost -/- Хост библиотеки счетчика производительности -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**QWAVE -/- Quality Windows Audio Video Experience -/- %windir%\system32\svchost.exe -/- %windir%\system32\qwave.dll
[05-SERVICE]**seclogon -/- Вторичный вход в систему -/- %windir%\system32\svchost.exe -/- %windir%\system32\seclogon.dll
[05-SERVICE]**simptcp -/- Простые службы TCP/IP -/- C:\Windows\System32\tcpsvcs.exe -/- C:\Windows\System32\shsvcs.dll
[05-SERVICE]**SNMP -/- Служба SNMP -/- C:\Windows\System32\snmp.exe
[05-SERVICE]**STacSV -/- Audio Service -/- C:\Program Files\IDT\WDM\STacSV64.exe
[05-SERVICE]**W3SVC -/- W3SVC -/- %windir%\system32\svchost.exe -/- %windir%\system32\inetsrv\iisw3adm.dll
[05-SERVICE]**WAS -/- WAS -/- %windir%\system32\svchost.exe -/- %windir%\system32\inetsrv\iisw3adm.dll
[05-SERVICE]**WMSVC -/- WMSVC -/- %windir%\system32\inetsrv\wmsvc.exe