Code : rniqz/SJsshIleBUC7MCxgLCnPvXqLZI5jEVfnwuCNM=

프로그램분석

Code : rniqz/SJsshIleBUC7MCxgLCnPvXqLZI5jEVfnwuCNM=

프로세스 천국 2013. 9. 20. 21:30

[00-PROCESS]**alg -/- C:\Windows\System32\alg.exe
[00-PROCESS]**armsvc -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[00-PROCESS]**ASC -/- C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe
[00-PROCESS]**ASCService -/- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
[00-PROCESS]**ASCTray -/- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
[00-PROCESS]**aspnet_state -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
[00-PROCESS]**atbsvc -/- C:\Program Files\ESTsoft\ALToolBar\atbsvc.exe
[00-PROCESS]**atieclxx -/- C:\Windows\system32\atieclxx.exe
[00-PROCESS]**atiesrxx -/- C:\Windows\system32\atiesrxx.exe
[00-PROCESS]**AUDIODG -/- C:\Windows\system32\AUDIODG.EXE
[00-PROCESS]**c2c_service -/- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[00-PROCESS]**conhost -/- C:\Windows\system32\conhost.exe
[00-PROCESS]**csrss -/- C:\Windows\system32\csrss.exe
[00-PROCESS]**dausgqiz -/- C:\Windows\system32\dausgqiz.exe
[00-PROCESS]**DelayLoad -/- C:\Program Files\IObit\Advanced SystemCare 6\DelayLoad.exe
[00-PROCESS]**dllhost -/- C:\Windows\system32\dllhost.exe
[00-PROCESS]**Dwm -/- C:\Windows\system32\Dwm.exe
[00-PROCESS]**ehRecvr -/- C:\Windows\ehome\ehRecvr.exe
[00-PROCESS]**ehsched -/- C:\Windows\ehome\ehsched.exe
[00-PROCESS]**Explorer -/- C:\Windows\Explorer.EXE
[00-PROCESS]**FastLinkAgent -/- C:\Users\Administrator\AppData\Roaming\FastLink\FastLinkAgent.exe
[00-PROCESS]**FastPing -/- C:\Users\Administrator\AppData\Roaming\FastPing\FastPing.exe
[00-PROCESS]**FastPingAgent -/- C:\Users\Administrator\AppData\Roaming\FastPing\FastPingAgent.exe
[00-PROCESS]**FastPingLauncher -/- C:\Users\Administrator\AppData\Roaming\FastPing\FastPingLauncher.exe
[00-PROCESS]**FilenoriDownLoad -/- C:\Program Files\FileNori\FilenoriDownLoad.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**fxssvc -/- C:\Windows\system32\fxssvc.exe
[00-PROCESS]**hkcmd -/- C:\Windows\system32\hkcmd.exe
[00-PROCESS]**IEXPLORE -/- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[00-PROCESS]**igfxpers -/- C:\Windows\system32\igfxpers.exe
[00-PROCESS]**igfxtray -/- C:\Windows\system32\igfxtray.exe
[00-PROCESS]**ImageSAFERSvc -/- C:\Windows\ImageSAFERSvc.exe
[00-PROCESS]**IMFsrv -/- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**InputPersonalization -/- C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
[00-PROCESS]**InstHelper -/- C:\Program Files\ESTsoft\ALToolBar\InstHelper.exe
[00-PROCESS]**IntelCpHeciSvc -/- C:\Windows\system32\IntelCpHeciSvc.exe
[00-PROCESS]**locator -/- C:\Windows\system32\locator.exe
[00-PROCESS]**lsass -/- C:\Windows\system32\lsass.exe
[00-PROCESS]**lsm -/- C:\Windows\system32\lsm.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\Windows\System32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\Windows\system32\msiexec.exe
[00-PROCESS]**NaverAdminAPISvc -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[00-PROCESS]**perfhost -/- C:\Windows\system32\perfhost.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**ProcessClean -/- C:\Program Files\ProcessClean\ProcessClean.exe
[00-PROCESS]**ProcessClean64 -/- C:\Users\Administrator\Documents\ProcessClean\ProcessClean64.exe
[00-PROCESS]**ProcLauncher -/- C:\Users\Administrator\Documents\ProcessClean\ProcLauncher.exe
[00-PROCESS]**ProcService -/- C:\Users\Administrator\Documents\ProcessClean\ProcService.exe
[00-PROCESS]**RAVCpl64 -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
[00-PROCESS]**SearchIndexer -/- C:\Windows\system32\SearchIndexer.exe
[00-PROCESS]**services -/- C:\Windows\system32\services.exe
[00-PROCESS]**snmptrap -/- C:\Windows\System32\snmptrap.exe
[00-PROCESS]**spoolsv -/- C:\Windows\System32\spoolsv.exe
[00-PROCESS]**sppsvc -/- C:\Windows\system32\sppsvc.exe
[00-PROCESS]**svchost -/- C:\Windows\system32\svchost.exe
[00-PROCESS]**taskhost -/- C:\Windows\system32\taskhost.exe
[00-PROCESS]**TrustedInstaller -/- C:\Windows\servicing\TrustedInstaller.exe
[00-PROCESS]**UI0Detect -/- C:\Windows\system32\UI0Detect.exe
[00-PROCESS]**Updater -/- C:\Program Files\Skype\Updater\Updater.exe
[00-PROCESS]**V3LSvc -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[00-PROCESS]**V3LTray -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe
[00-PROCESS]**vds -/- C:\Windows\System32\vds.exe
[00-PROCESS]**vssvc -/- C:\Windows\system32\vssvc.exe
[00-PROCESS]**WatAdminSvc -/- C:\Windows\system32\Wat\WatAdminSvc.exe
[00-PROCESS]**wbengine -/- C:\Windows\system32\wbengine.exe
[00-PROCESS]**wininit -/- C:\Windows\system32\wininit.exe
[00-PROCESS]**winlogon -/- C:\Windows\system32\winlogon.exe
[00-PROCESS]**winnetplus -/- C:\Program Files\FileNori\winnetplus.exe
[00-PROCESS]**WLIDSVC -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[00-PROCESS]**WLIDSvcM -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
[00-PROCESS]**WmiApSrv -/- C:\Windows\system32\wbem\WmiApSrv.exe
[00-PROCESS]**wmiprvse -/- C:\Windows\system32\wbem\wmiprvse.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**Advanced SystemCare 6 -/- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart
[01-HKCUREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[01-HKCUREG]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\InstHelper.exe -boot
[01-HKCUREG]**e10w -/- C:\Windows\system32\dausgqiz.exe
[01-HKCUREG]**FastLinkAgent -/- C:\Users\Administrator\AppData\Roaming\FastLink\FastLinkAgent.exe
[01-HKCUREG]**FastPingAgent -/- C:\Users\Administrator\AppData\Roaming\FastPing\FastPingAgent.exe
[01-HKCUREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[01-HKCUREG]**IgfxTray -/- C:\Windows\system32\igfxtray.exe
[01-HKCUREG]**Persistence -/- C:\Windows\system32\igfxpers.exe
[01-HKCUREG]**ProcessClean -/- C:\Program Files\ProcessClean\ProcessClean.exe
[01-HKCUREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[02-HKLMREG]**Advanced SystemCare 6 -/- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart
[02-HKLMREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[02-HKLMREG]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\InstHelper.exe -boot
[02-HKLMREG]**e10w -/- C:\Windows\system32\dausgqiz.exe
[02-HKLMREG]**FastLinkAgent -/- C:\Users\Administrator\AppData\Roaming\FastLink\FastLinkAgent.exe
[02-HKLMREG]**FastPingAgent -/- C:\Users\Administrator\AppData\Roaming\FastPing\FastPingAgent.exe
[02-HKLMREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[02-HKLMREG]**IgfxTray -/- C:\Windows\system32\igfxtray.exe
[02-HKLMREG]**Persistence -/- C:\Windows\system32\igfxpers.exe
[02-HKLMREG]**ProcessClean -/- C:\Program Files\ProcessClean\ProcessClean.exe
[02-HKLMREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[03-BHOCLSD]**ALToolbarBho -/- C:\Program Files\ESTsoft\ALToolBar\ALToolBar_3100.dll -/- {7F1A79F9-78D1-4186-9F60-EE0B63DF042A}
[03-BHOCLSD]**Microsoft 계정 로그인 도우미 -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll -/- {9030D464-4C02-4ABF-8ECC-5164760863C6}
[03-BHOCLSD]**N.A -/- N.A -/- {000011A1-74C9-4c7e-9B4E-59B5765CF409}
[03-BHOCLSD]**N.A -/- N.A -/- {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[03-BHOCLSD]**N.A -/- N.A -/- {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[03-BHOCLSD]**Skype add-on for Internet Explorer -/- C:\Program Files\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll -/- {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
[03-BHOCLSD]**Windows Live ID Sign-in Helper -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll -/- {9030D464-4C02-4ABF-8ECC-5164760863C6}
[04-TOOLBAR]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\ALToolBar_3100.dll -/- {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA}
[05-SERVICE]**AdobeARMservice -/- Adobe Acrobat Update Service -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**AdvancedSystemCareService6 -/- Advanced SystemCare Service 6 -/- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
[05-SERVICE]**AMD External Events Utility -/- AMD External Events Utility -/- C:\Windows\system32\atiesrxx.exe
[05-SERVICE]**cphs -/- Intel(R) Content Protection HECI Service -/- C:\Windows\system32\IntelCpHeciSvc.exe
[05-SERVICE]**FontCache -/- Windows Font Cache Service -/- C:\Windows\system32\svchost.exe -/- C:\Windows\system32\FntCache.dll
[05-SERVICE]**gpsvc -/- Group Policy Client -/- C:\Windows\system32\svchost.exe -/- C:\Windows\System32\gpsvc.dll
[05-SERVICE]**Image Protection -/- Image Protect Service -/- C:\Windows\ImageSAFERSvc.exe
[05-SERVICE]**IMFservice -/- IMF Service -/- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
[05-SERVICE]**Naver Updater -/- Naver Updater -/- C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
[05-SERVICE]**NetMsmqActivator -/- Net.Msmq Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe -NetMsmqActivator
[05-SERVICE]**NetPipeActivator -/- Net.Pipe Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpActivator -/- Net.Tcp Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**npggsvc -/- nProtect GameGuard Service -/- C:\Windows\system32\GameMon.des -service
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**PnkBstrA -/- PnkBstrA -/- C:\Windows\system32\PnkBstrA.exe
[05-SERVICE]**Process Clean Service -/- Process Clean Service -/- C:\Users\Administrator\Documents\ProcessClean\ProcService.exe
[05-SERVICE]**Skype C2C Service -/- Skype C2C Service -/- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[05-SERVICE]**SkypeUpdate -/- Skype Updater -/- C:\Program Files\Skype\Updater\Updater.exe
[05-SERVICE]**TCCheckAgent -/- TCCheckAgent -/- C:\Program Files\AdvTopC\TCCheckAgent.exe
[05-SERVICE]**V3 Lite Service -/- V3 Lite Service -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[05-SERVICE]**WinnetPlusService -/- WinnetPlusService -/- C:\Program Files\FileNori\winnetplus.exe
[05-SERVICE]**wlidsvc -/- Windows Live ID Sign-in Assistant -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[06-TASKLST]**Adobe Flash Player Updater -/- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe