Code : iqA+uCfaVb0TtYnp3IiyrakhW2zexBBpE0s/ydR2sD4=

프로그램분석

Code : iqA+uCfaVb0TtYnp3IiyrakhW2zexBBpE0s/ydR2sD4=

프로세스 천국 2013. 9. 11. 13:43

[00-PROCESS]**13 -/- C:\Documents and Settings\Administrator\Application Data\13.exe
[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**appis -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\appis.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
[00-PROCESS]**AYLaunch -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**conime -/- C:\WINDOWS\system32\conime.exe
[00-PROCESS]**csrss -/- C:\WINDOWS\system32\csrss.exe
[00-PROCESS]**ctfmon -/- C:\WINDOWS\system32\ctfmon.exe
[00-PROCESS]**dc -/- C:\WINDOWS\dc.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**Explorer -/- C:\WINDOWS\Explorer.exe
[00-PROCESS]**FsUsbExService -/- C:\WINDOWS\system32\FsUsbExService.Exe
[00-PROCESS]**Fun -/- C:\WINDOWS\system\Fun.exe
[00-PROCESS]**HncChecker -/- C:\Program Files\Common Files\Hnc\HncUtils\HncChecker.exe
[00-PROCESS]**hpqgpc01 -/- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
[00-PROCESS]**IETab -/- C:\Program Files\IETab\IETab.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**IMKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**minerd -/- C:\Documents and Settings\Administrator\Local Settings\Temp\minerd.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msfeedssync -/- C:\WINDOWS\system32\msfeedssync.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**natsvc -/- C:\Program Files\NAT Service\natsvc.exe
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**ScsiCommandService2 -/- C:\WINDOWS\system32\ScsiCommandService2.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**SOUNDMAN -/- C:\WINDOWS\SOUNDMAN.EXE
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**SVIQ -/- C:\WINDOWS\SVIQ.EXE
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**tlntsvr -/- C:\WINDOWS\system32\tlntsvr.exe
[00-PROCESS]**Tvzizb -/- C:\Documents and Settings\Administrator\Application Data\Tvzizb.exe
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**UtilZone -/- C:\Program Files\UtilZone\UtilZone.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00-PROCESS]**wmiprvse -/- C:\WINDOWS\system32\wbem\wmiprvse.exe
[00-PROCESS]**WMPNetwk -/- C:\Program Files\Windows Media Player\WMPNetwk.exe
[00-PROCESS]**WPFFontCache_v0400 -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
[01-HKCUREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[01-HKCUREG]**appis.exe -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\appis.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**dc -/- C:\WINDOWS\dc.exe
[01-HKCUREG]**dc2k5 -/- C:\WINDOWS\SVIQ.EXE
[01-HKCUREG]**Fun -/- C:\WINDOWS\system\Fun.exe
[01-HKCUREG]**HncUpdate -/- C:\Program Files\Common Files\Hnc\HncUtils\HncChecker.exe
[01-HKCUREG]**IETab -/- C:\Program Files\IETab\IETab.exe
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**KiesAirMessage -/- C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
[01-HKCUREG]**KiesPreload -/- C:\Program Files\Samsung\Kies\Kies.exe /preload
[01-HKCUREG]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[01-HKCUREG]**Microsoft DLL Registration -/- C:\Documents and Settings\Administrator\Application Data\regsrv64.exe
[01-HKCUREG]**NBKeyScan -/- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**SoundMan -/- SOUNDMAN.EXE
[01-HKCUREG]**Tvzizb -/- C:\Documents and Settings\Administrator\Application Data\Tvzizb.exe
[01-HKCUREG]**UtilZone -/- C:\Program Files\UtilZone\UtilZone.exe
[01-HKCUREG]**WINSXS32 -/- C:\Documents and Settings\Administrator\Application Data\13.exe
[02-HKLMREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[02-HKLMREG]**appis.exe -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\AppIs\appis.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**dc -/- C:\WINDOWS\dc.exe
[02-HKLMREG]**dc2k5 -/- C:\WINDOWS\SVIQ.EXE
[02-HKLMREG]**Fun -/- C:\WINDOWS\system\Fun.exe
[02-HKLMREG]**HncUpdate -/- C:\Program Files\Common Files\Hnc\HncUtils\HncChecker.exe
[02-HKLMREG]**IETab -/- C:\Program Files\IETab\IETab.exe
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**KiesAirMessage -/- C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
[02-HKLMREG]**KiesPreload -/- C:\Program Files\Samsung\Kies\Kies.exe /preload
[02-HKLMREG]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[02-HKLMREG]**Microsoft DLL Registration -/- C:\Documents and Settings\Administrator\Application Data\regsrv64.exe
[02-HKLMREG]**NBKeyScan -/- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**SoundMan -/- SOUNDMAN.EXE
[02-HKLMREG]**Tvzizb -/- C:\Documents and Settings\Administrator\Application Data\Tvzizb.exe
[02-HKLMREG]**UtilZone -/- C:\Program Files\UtilZone\UtilZone.exe
[02-HKLMREG]**WINSXS32 -/- C:\Documents and Settings\Administrator\Application Data\13.exe
[03-BHOCLSD]**Adobe PDF Link Helper -/- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll -/- {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
[03-BHOCLSD]**IETab -/- C:\Program Files\IETab\IETab.dll -/- {1EB1BC6A-0A39-420F-8F7B-9E797426A792}
[03-BHOCLSD]**IETab -/- C:\Program Files\IETab\IETab.dll -/- {B60FE1D2-2F84-42a7-AE04-03284738CC24}
[03-BHOCLSD]**NateSearchSafeBHO Class -/- C:\Program Files\NATEON\BIN\NateSearchSafe.dll -/- {39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}
[03-BHOCLSD]**UtilZone -/- C:\Program Files\UtilZone\UtilZone.dll -/- {1C5099DD-7923-45e8-9680-5F285DC61213}
[04-TOOLBAR]**N.A -/- N.A -/- {9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}
[05-SERVICE]**ALYac_RTSrv -/- ALYac RealTime Service -/- C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
[05-SERVICE]**ALYac_UpdSrv -/- ALYac Update Service -/- C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
[05-SERVICE]**FsUsbExService -/- FsUsbExService -/- C:\WINDOWS\system32\FsUsbExService.Exe
[05-SERVICE]**hpqcxs08 -/- hpqcxs08 -/- C:\WINDOWS\system32\svchost.exe -/- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**NATService -/- NATService -/- C:\Program Files\NAT Service\natsvc.exe
[05-SERVICE]**Net Driver HPZ12 -/- Net Driver HPZ12 -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\HPZinw12.dll
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**npkcmsvc -/- npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[05-SERVICE]**NWCWorkstation -/- Client Service for NetWare -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\System32\nwwks.dll
[05-SERVICE]**NwSapAgent -/- SAP Agent -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\System32\ipxsap.dll
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**Pml Driver HPZ12 -/- Pml Driver HPZ12 -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\system32\HPZipm12.dll
[05-SERVICE]**ScsiCommandService2 -/- SCSI command service -/- C:\WINDOWS\system32\ScsiCommandService2.exe
[05-SERVICE]**WPFFontCache_v0400 -/- Windows Presentation Foundation Font Cache 4.0.0.0 -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe