http://kanmay.cafe24.com/gfx.exe

프로그램분석

http://kanmay.cafe24.com/gfx.exe

프로세스 천국 2013. 10. 3. 09:35

[00-PROCESS]**alg -/- C:\Windows\System32\alg.exe
[00-PROCESS]**bkcount -/- C:\Program Files\UTECH\bkcount.exe
[00-PROCESS]**bkpops -/- C:\Program Files\bkpop\bkpops.exe
[00-PROCESS]**bksvc -/- C:\Program Files\UTECH\bksvc.exe
[00-PROCESS]**csrss -/- C:\Windows\system32\csrss.exe
[00-PROCESS]**dllhost -/- C:\Windows\system32\dllhost.exe
[00-PROCESS]**Dwm -/- C:\Windows\system32\Dwm.exe
[00-PROCESS]**ehRecvr -/- C:\Windows\ehome\ehRecvr.exe
[00-PROCESS]**ehsched -/- C:\Windows\ehome\ehsched.exe
[00-PROCESS]**Explorer -/- C:\Windows\Explorer.EXE
[00-PROCESS]**Foxcorn -/- C:\Users\Administrator\AppData\Roaming\Microsoft\FoxPlugin\Tools\Foxcorn.exe
[00-PROCESS]**FreeApp -/- C:\Windows\system32\MicrowindowSearch\FreeApp.exe
[00-PROCESS]**fxcom -/- C:\Users\Administrator\AppData\Roaming\Microsoft\FoxPlugin\Tools\fxcom.exe
[00-PROCESS]**fxssvc -/- C:\Windows\system32\fxssvc.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**locator -/- C:\Windows\system32\locator.exe
[00-PROCESS]**lsass -/- C:\Windows\system32\lsass.exe
[00-PROCESS]**lsm -/- C:\Windows\system32\lsm.exe
[00-PROCESS]**metablogagent -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
[00-PROCESS]**MetablogNewIssues -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe
[00-PROCESS]**MicrowindowSearch -/- C:\Windows\system32\MicrowindowSearch\MicrowindowSearch.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\Windows\System32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\Windows\system32\msiexec.exe
[00-PROCESS]**pcm -/- C:\Users\Administrator\AppData\Roaming\pcm\pcm.exe
[00-PROCESS]**pcmagent -/- C:\Users\Administrator\AppData\Roaming\pcm\pcmagent.exe
[00-PROCESS]**perfhost -/- C:\Windows\system32\perfhost.exe
[00-PROCESS]**pmu -/- C:\Users\Administrator\AppData\Roaming\pmu\pmu.exe
[00-PROCESS]**pmuagent -/- C:\Users\Administrator\AppData\Roaming\pmu\pmuagent.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**SearchIndexer -/- C:\Windows\system32\SearchIndexer.exe
[00-PROCESS]**services -/- C:\Windows\system32\services.exe
[00-PROCESS]**SmartWeb -/- C:\Program Files\SmartWeb\SmartWeb.exe
[00-PROCESS]**SmartWebAgent -/- C:\Program Files\SmartWeb\SmartWebAgent.exe
[00-PROCESS]**snmptrap -/- C:\Windows\System32\snmptrap.exe
[00-PROCESS]**speedscan -/- C:\Program Files\speedscan\speedscan.exe
[00-PROCESS]**speedscanse -/- C:\Program Files\speedscan\speedscanse.exe
[00-PROCESS]**speedscanu -/- C:\Program Files\speedscan\speedscanu.exe
[00-PROCESS]**spoolsv -/- C:\Windows\System32\spoolsv.exe
[00-PROCESS]**sppsvc -/- C:\Windows\system32\sppsvc.exe
[00-PROCESS]**svchost -/- C:\Windows\system32\svchost.exe
[00-PROCESS]**taskeng -/- C:\Windows\system32\taskeng.exe
[00-PROCESS]**taskhost -/- C:\Windows\system32\taskhost.exe
[00-PROCESS]**TrustedInstaller -/- C:\Windows\servicing\TrustedInstaller.exe
[00-PROCESS]**UI0Detect -/- C:\Windows\system32\UI0Detect.exe
[00-PROCESS]**upenkr -/- C:\Users\Administrator\AppData\Roaming\Microsoft\FoxPlugin\Tools\upenkr.exe
[00-PROCESS]**vds -/- C:\Windows\System32\vds.exe
[00-PROCESS]**vssvc -/- C:\Windows\system32\vssvc.exe
[00-PROCESS]**wbengine -/- C:\Windows\system32\wbengine.exe
[00-PROCESS]**wellbinga -/- C:\Program Files\wellbinga\wellbinga.exe
[00-PROCESS]**wellbingup -/- C:\Program Files\wellbinga\wellbingup.exe
[00-PROCESS]**wellclean -/- C:\Program Files\wellbinga\wellclean.exe
[00-PROCESS]**WEUninstall_s2vdk -/- C:\Program Files\WinExpand_s2vdk\WEUninstall_s2vdk.EXE
[00-PROCESS]**WindowServiceNT -/- C:\Windows\system32\WindowServiceNT.exe
[00-PROCESS]**windowstab -/- C:\Users\Administrator\AppData\Local\windowstab\windowstab.exe
[00-PROCESS]**windowstab_mon -/- C:\Users\Administrator\AppData\Local\windowstab\windowstab_mon.exe
[00-PROCESS]**windowstab_uc -/- C:\Users\Administrator\AppData\Local\windowstab\windowstab_uc.exe
[00-PROCESS]**windowstab_unins -/- C:\Users\Administrator\AppData\Local\windowstab\windowstab_unins.exe
[00-PROCESS]**wininit -/- C:\Windows\system32\wininit.exe
[00-PROCESS]**winlogon -/- C:\Windows\system32\winlogon.exe
[00-PROCESS]**WinxpendUP_s2vdk -/- C:\Program Files\WinExpand_s2vdk\WinxpendUP_s2vdk.exe
[00-PROCESS]**WmiApSrv -/- C:\Windows\system32\wbem\WmiApSrv.exe
[00-PROCESS]**wmiprvse -/- C:\Windows\system32\wbem\wmiprvse.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**baduk -/- C:\Program Files\bkpop\bkpops.exe
[01-HKCUREG]**dwmtools -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\dwmtools.exe Runcmd
[01-HKCUREG]**Fox-Corn -/- C:\Users\Administrator\AppData\Roaming\Microsoft\FoxPlugin\Tools\upenkr.exe
[01-HKCUREG]**metablogagent -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
[01-HKCUREG]**MetablogNewIssues -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe /byboot
[01-HKCUREG]**MicrowindowSearch -/- C:\WINDOWS\system32\MicrowindowSearch\MicrowindowSearch.exe
[01-HKCUREG]**wellbinga -/- C:\Program Files\wellbinga\wellbingup.exe
[02-HKLMREG]**baduk -/- C:\Program Files\bkpop\bkpops.exe
[02-HKLMREG]**dwmtools -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\dwmtools.exe Runcmd
[02-HKLMREG]**Fox-Corn -/- C:\Users\Administrator\AppData\Roaming\Microsoft\FoxPlugin\Tools\upenkr.exe
[02-HKLMREG]**metablogagent -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
[02-HKLMREG]**MetablogNewIssues -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe /byboot
[02-HKLMREG]**MicrowindowSearch -/- C:\WINDOWS\system32\MicrowindowSearch\MicrowindowSearch.exe
[02-HKLMREG]**wellbinga -/- C:\Program Files\wellbinga\wellbingup.exe
[05-SERVICE]**ApplicationSpecialManagement -/- Application Special Management -/- C:\Windows\system32\WindowServiceNT.exe
[05-SERVICE]**bkpops -/- bkpops 서비스 -/- C:\Program Files\UTECH\bksvc.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[05-SERVICE]**speedscanService -/- speedscan Service -/- C:\Program Files\speedscan\speedscanse.exe
[06-TASKLST]**PC_Clean_Optimizer -/- C:\Program Files\PCO\PCOUpdate.exe
[06-TASKLST]**pcm -/- C:\Users\Administrator\AppData\Roaming\pcm\pcmagent.exe
[06-TASKLST]**pmu -/- C:\Users\Administrator\AppData\Roaming\pmu\pmuagent.exe
[06-TASKLST]**SWSTART -/- C:\Program Files\SmartWeb\SmartWebAgent.exe
[06-TASKLST]**Window_Network_Manager -/- C:\Program Files\Window Network Manager\WindowNetworkManager.exe
[06-TASKLST]**WinExpandUpdate_s2vdk -/- C:\Program Files\WinExpand_s2vdk\WinxpendUP_s2vdk.exe

NA00001 112.121.188.18/*.***
NA00002 119.81.54.84/nvtry*.***
NA00003 ad.syndiapi.com/AppTag/OptionCnt*.***
NA00004 ad.topclick.kr/ad/dblinkpr_xml*.***
NA00005 ad.topclick.kr/down/WindowNetworkManage_code67*.***
NA00006 admin.adplatform.kr/adsearch.php?mac=000C2961CEE7&ip=192.168.1.**.***
NA00007 admin.adplatform.kr/app/domain_under.php?domain=needfile.co.kr&**.***
NA00008 api.admatching.co.kr/admatching/closequerymatchlist*.***
NA00009 api.admatching.co.kr/admatching/info.php?pid=ad060&cid=000c2961**.***
NA00010 api.admatching.co.kr/admatching/matchsitelist.php?pid=ad060&cid**.***
NA00011 api.admatching.co.kr/admatching/ovt_log.php?pid=ad060&cid=000c2**.***
NA00012 api.admatching.co.kr/admatching/titlematchlist*.***
NA00013 api.admatching.co.kr/admatching/update_mb.php?pid=ad060&cid=000**.***
NA00014 api.admatching.co.kr/admatching/urlmatchlist.php?pid=ad060&cid=**.***
NA00015 api.admatching.co.kr/admatching/urlmatchlist_coworker.php?pid=a**.***
NA00016 api.admatching.co.kr/admatching/urlmatchlist_merchant.php?pid=a**.***
NA00017 cdp1.public-trust.com/CRL/Omniroot2025*.***
NA00018 clients1.google.com/ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hY**.***
NA00019 config.adplatform.kr/?a*.***
NA00020 count.adplatform.kr/?mode=execute&app=5&ip=192.168.1.3&mac=000C**.***
NA00021 count.adplatform.kr/?mode=install&app=5&ip=192.168.1.3&mac=000C**.***
NA00022 counter.microwindowsearch.com/analysis/ins.php?pid=MicrowindowS**.***
NA00023 counter.microwindowsearch.com/analysis/live.php?uq=MicrowindowS**.***
NA00024 counter.microwindowsearch.com/analysis/up.php?uq=&pid=microwind**.***
NA00025 crl.geotrust.com/crls/secureca*.***
NA00026 crl.omniroot.com/PublicSureServerSV*.***
NA00027 crl.verisign.com/pca3*.***
NA00028 cypartnerpds.nowcdn.co.kr/WinExpand/weinstall_s2vdk*.***
NA00029 dnsaddress.co.kr/cnt/index_pre.php?pid=dns06&ty*.***
NA00030 down.admatching.co.kr/download/mb/fpds/metablogagent*.***
NA00031 down.admatching.co.kr/download/mb/fpds/MetablogNewIssues*.***
NA00032 down.admatching.co.kr/download/mb/fpds/newissue*.***
NA00033 down.blogdanawa.com/down/adInstall_ad060*.***
NA00034 down.dnsaddress.co.kr/file/Windowsopensearch_dns06_hinst*.***
NA00035 down.utilbada.com/pds/2013/08/01/videocacheview.zip.8af6f1773e5**.***
NA00036 download.lnimarketing.co.kr/licensefile/PCO_License*.***
NA00037 download.lnimarketing.co.kr/setupfile/pco/PCOInstall_5*.***
NA00038 download.lnimarketing.co.kr/updatefile/plugin/PCClean*.***
NA00039 download.lnimarketing.co.kr/updatefile/plugin/timead/safe_pco.d**.***
NA00040 evsecure-ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRFp9TU**.***
NA00041 evsecure-ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKH**.***
NA00042 file.muuk.co.kr/app/windowstab/windowstab/install*.***
NA00043 file.muuk.co.kr/app/windowstab/windowstab/windowstab*.***
NA00044 file.muuk.co.kr/app/windowstab/windowstab/windowstab_ins*.***
NA00045 file.muuk.co.kr/app/windowstab/windowstab/windowstab_mon*.***
NA00046 file.muuk.co.kr/app/windowstab/WindowsTabSetup_utilbada*.***
NA00047 gtglobal-ocsp.geotrust.com/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkX**.***
NA00048 honorzone.co.kr/check/honor2/update/dns*.***
NA00049 honorzone.co.kr/check/powerbooking/check*.***
NA00050 honorzone.co.kr/cnt/index.php?pid=honor2&ty*.***
NA00051 honorzone.co.kr/cnt/index.php?pid=powerbooking&ty*.***
NA00052 honorzone.co.kr/v2/check/honorzone*.***
NA00053 honorzone.co.kr/v2/check2/check*.***
NA00054 infob.co.kr/cnt/index.php?pid=addmsd&ty*.***
NA00055 lottofriend.co.kr/images/logo*.***
NA00056 moviz.co.kr/11st_11*.***
NA00057 moviz.co.kr/gmarket*.***
NA00058 moviz.co.kr/logo*.***
NA00059 mscrl.microsoft.com/pki/mscorp/crl/mswww(6)*.***
NA00060 ocsp.comodoca.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRxWv5TeSWHeCg1M**.***
NA00061 ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5i**.***
NA00062 ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRIt2RJ89X%2B%2B**.***
NA00063 ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOy**.***
NA00064 ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSpuCE3aK3GivZPz**.***
NA00065 ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTA%2FgJ4%2FJkYi**.***
NA00066 ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTSqZMG5M8TA9rdz**.***
NA00067 openkeyword.co.kr/mmsv/Access3.php?MyMode=i&MyPartner=pcmom&MyV**.***
NA00068 pcmom.co.kr/app/pcm3/analytics/_admin/banner/bannerView.php?typ**.***
NA00069 pcmom.co.kr/app/pcm3/analytics/_admin/banner/img/9959c23360e256**.***
NA00070 pcmom.co.kr/app/pcm3/download/pcm_partner*.***
NA00071 qcounter.co.kr/LogReceiver/LR.log?kind=0&ist_yn=0&ptn_name=Free**.***
NA00072 qcounter.co.kr/LogReceiver/LR.log?kind=0&ist_yn=0&ptn_name=PCCl**.***
NA00073 searchmall.vipweb.kr/bathcharmstore/bathcharmstore_link*.***
NA00074 setup.adplatform.kr/setup.php?a*.***
NA00075 setup.lnimarketing.co.kr/PCOSetup_5_Hide*.***
NA00076 smartw.co.kr/mmsv/Access3.php?MyMode=i&MyPartner=raonmedia&MyVa**.***
NA00077 sodisk.net/cpl.php?p_id=c*.***
NA00078 speedscan.co.kr/sserz.php?vcID=raon&asdlPC=00:0C:29:61:CE:E7&eo**.***
NA00079 speedscan.co.kr/vvqe.php?lknmMode=run&vcID=raon&asdlPC=00:0C:29**.***
NA00080 speedscan.co.kr/vvqe.php?lknmMode=setup&vcID=raon&asdlPC=00:0C:**.***
NA00081 sub.smartw.co.kr/opapp/raonmedia/app/download/smartweb_silent.e**.***
NA00082 sub.smartw.co.kr/opapp/raonmedia/app/update/update*.***
NA00083 t.openpotservice.com/AppTag/OptionCnt*.***
NA00084 update.adplatform.kr/update.php?a*.***
NA00085 update.enkrs.com/download/foxcat*.***
NA00086 update.enkrs.com/setup/enkr_15*.***
NA00087 update.enkrs.com/setup/enkr_23*.***
NA00088 update.enkrs.com/upenkr*.***
NA00089 update.mylinks.kr/MicrowindowSearch/download/makeguid*.***
NA00090 update.mylinks.kr/MicrowindowSearch/MicrowindowSearch*.***
NA00091 update.mylinks.kr/MicrowindowSearch/MicrowindowSearch_Setup_sil**.***
NA00092 update.speedscan.co.kr*.***
NA00093 update.speedscan.co.kr/sdbdq/speedscansetup_raon*.***
NA00094 update.speedscan.co.kr/zbza/meter*.***
NA00095 update.speedscan.co.kr/zbza/Ski*.***
NA00096 update.speedscan.co.kr/zbza/speedscan*.***
NA00097 update.speedscan.co.kr/zbza/speedscanse*.***
NA00098 update.speedscan.co.kr/zbza/speedscanu*.***
NA00099 update.speedscan.co.kr/zbza/uninst_speedscan*.***
NA00100 update.ucfdb.co.kr/version/except/excp*.***
NA00101 update.wellbinga.kr/setup/Setup_4*.***
NA00102 update.wellbinga.kr/wellbingup*.***
NA00103 upstat.speedscan.co.krAPP/ck_setup.php?m=00:0C:29:61:CE:E7&d=**.***
NA00104 utilbada.com/down2/icon*.***
NA00105 utilbada.com/down2/lottofriend*.***
NA00106 utilbada.com/down2/WinExpandSetup_vipdisk*.***
NA00107 werpingad.com/partner/a*.***
NA00108 werpingad.com/partner/c.php?m=b&mac=000C2961CEE7&p=codene*.***
NA00109 werpingad.com/partner/c.php?m=i&mac=000C2961CEE7&f=WindowNetwor**.***
NA00110 werpingad.com/partner/dl*.***
NA00111 werpingad.com/partner/img/close*.***
NA00112 werpingad.com/partner/pgm/WindowNetworkManager*.***
NA00113 werpingad.com/partner/s*.***
NA00114 werpingad.com/partner/s.php?p=*.***
NA00115 werpingad.com/partner/x*.***
NA00116 withblogger.net/updateserver/wnm/%5Csetting*.***
NA00155 ww*.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority**.***
NA00156 ww*.hankooki.com/corp_company/pcmom/newslist*.***
NA00157 ww*.hankooki.com/corp_company/pcmom/toplist*.***
NA00158 ww*.msftncsi.com/ncsi*.***
NA00159 ww*.muuk.co.kr/app/windowstab/windowstab.php?kind=ins&pt=utilba**.***
NA00160 ww*.muuk.co.kr/app/windowstab/windowstab.php?kind=install&pt=ut**.***
NA00161 ww*.muuk.co.kr/app/windowstab/windowstab.php?kind=tab&pt=utilba**.***
NA00162 ww*.muuk.co.kr/app/windowstab/windowstab.php?kind=update&pt=uti**.***
NA00163 ww*.muuk.co.kr/count/windowstab/boot.php?pt=utilbada&mc=00-0C-2**.***
NA00164 ww*.muuk.co.kr/count/windowstab/install.php?pt=utilbada&mc=00-0**.***
NA00165 ww*.needfile.co.kr/app_linkage/app_download.php?p=2&u=1*.***
NA00166 ww*.needfile.co.kr/down2/dnfile_101216.ini*.***
NA00167 ww*.needfile.co.kr/down2/find_dnfile.php?u=2-12248_videocachevi**.***
NA00168 ww*.pcmom.co.kr/app/pcm3/advert/advert*.***
NA00169 ww*.pcmom.co.kr/app/pcm3/analytics/request/count.php?mode=pcm3_**.***
NA00170 ww*.pcmom.co.kr/app/pcm3/config/config*.***
NA00171 ww*.pcmom.co.kr/app/pcm3/download/pattern*.***
NA00172 ww*.pcmom.co.kr/app/pcm3/update/agent*.***
NA00173 ww*.pcmom.co.kr/app/pcm3/update/update*.***
NA00174 ww*.pcmom.co.kr/app/pmu/analytics/request/count.php?mode=app_bo**.***
NA00175 ww*.pcmom.co.kr/app/pmu/analytics/request/count.php?mode=app_ex**.***
NA00176 ww*.pcmom.co.kr/app/pmu/analytics/request/count.php?mode=app_in**.***
NA00177 ww*.pcmom.co.kr/app/pmu/config/advert*.***
NA00178 ww*.pcmom.co.kr/app/pmu/download/pmu_agent*.***
NA00179 ww*.pcmom.co.kr/app/pmu/update/update*.***
NA00180 ww*.public-trust.com/cgi-bin/CRL/2018/cdp*.***
NA00181 ww*.speedscan.co.kr/APP/pf_ck.php?lay1=*.***
NA00182 ww*.speedscan.co.kr/APP/stat.php?lay1=1&sdlkf2=raon&qer3=a3t6e3**.***
NA00183 ww*.speedscan.co.kr/APP/stat.php?lay1=1&sdlkf2=raon&qer3=OjU5Oj**.***
NA00184 ww*.speedscan.co.kr/APP/stat.php?lay1=2&sdlkf2=raon&q*.***
NA00185 ww*.speedscan.co.kr/APP/stat.php?lay1=2&sdlkf2=raon&qer3=cHx8eE**.***
NA00186 ww*.speedscan.co.kr/drrq*.***
NA00187 ww*.speedscan.co.kr/mzcx.php?lay1=raon&sdlkf2=00:0C:29:61:CE:E7**.***
NA00188 ww*.winexpand.kr/app_inc/config_n2.php?kind=install&pid=vipdisk**.***
NA00189 ww*.winexpand.kr/app_inc/counter.php?counterv=winexpand&kind=i&**.***
NA00190 ww*.winexpand.kr/app_inc/WinExpand*.***
NA00191 ww*.winexpand.kr/app_inc/WinExpandSelect*.***
NA00192 youn1104.cafe24.com/ace03*.***