프로그램분석

Code : wa5zA8owpYrOnDmZhwiYjKy6QKLFHQOy5z4zDrFImV4=

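프로세스 천국 2013. 10. 8. 14:55

아래 목록은 점검 도구의 출력으로 보이며, 각 줄은 `[구분]**이름 -/- 경로` 형식이다. 구분 태그는 이름으로 미루어 00-PROCESS는 실행 중인 프로세스, 01-HKCUREG·02-HKLMREG는 레지스트리(HKCU/HKLM) 자동 실행 항목, 03-BHOCLSD는 브라우저 도우미 개체(BHO)와 그 CLSID, 05-SERVICE는 서비스 항목으로 추정된다.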

[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**CnxDIAS -/- C:\Program Files\Canon\DIAS\CnxDIAS.exe
[00-PROCESS]**conime -/- C:\WINDOWS\system32\conime.exe
[00-PROCESS]**ctfmon -/- C:\WINDOWS\system32\ctfmon.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**EvtEng -/- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
[00-PROCESS]**Explorer -/- C:\WINDOWS\Explorer.EXE
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**fph -/- C:\Program Files\Fasoo DRM\fph.exe
[00-PROCESS]**GoogleCrashHandler -/- C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GROOVE -/- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
[00-PROCESS]**HanMemo -/- C:\Program Files\HanMemo\HanMemo.exe
[00-PROCESS]**hkcmd -/- C:\WINDOWS\system32\hkcmd.exe
[00-PROCESS]**HncChecker -/- C:\Program Files\Hnc\HncUtils\HncChecker.exe
[00-PROCESS]**IEXPLORE -/- C:\Program Files\Internet Explorer\IEXPLORE.EXE
[00-PROCESS]**ifrmewrk -/- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
[00-PROCESS]**igfxpers -/- C:\WINDOWS\system32\igfxpers.exe
[00-PROCESS]**igfxsrvc -/- C:\WINDOWS\system32\igfxsrvc.exe
[00-PROCESS]**igfxtray -/- C:\WINDOWS\system32\igfxtray.exe
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**IMEDICTUPDATE -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
[00-PROCESS]**IMEKLMG -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**ISUSPM -/- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[00-PROCESS]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**MSOSYNC -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[00-PROCESS]**MyPeople -/- C:\Program Files\Daum\MyPeople\MyPeople\MyPeople.exe
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[00-PROCESS]**npkfxsvc -/- C:\WINDOWS\system32\npkfxsvc.exe
[00-PROCESS]**ONRSD -/- C:\oracle\ora81\BIN\ONRSD.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**OSPPSVC -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[00-PROCESS]**PDVDDXSrv -/- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
[00-PROCESS]**RegSrvc -/- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**S24EvMon -/- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**SeStPage -/- C:\Program Files\SeStPage\SeStPage.exe
[00-PROCESS]**sfenceagt -/- C:\Program Files\safe fence\sfenceagt.exe
[00-PROCESS]**sfencefw -/- C:\Program Files\safe fence\sfencefw.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**snprot -/- C:\Program Files\SearchN\snprot.exe
[00-PROCESS]**SNSvcApp -/- C:\Program Files\SearchN\SNSvcApp.exe
[00-PROCESS]**SNUpdate -/- C:\Program Files\SearchN\SNUpdate.exe
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**StacSV -/- C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
[00-PROCESS]**stllssvr -/- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
[00-PROCESS]**stsystra -/- C:\WINDOWS\stsystra.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**sysloader -/- C:\WINDOWS\system32\sysloader.exe
[00-PROCESS]**TAgent -/- C:\Program Files\TCOstream\client\TAgent.exe
[00-PROCESS]**tclient -/- C:\Program Files\TCOstream\client\tclient.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**tlntsvr -/- C:\WINDOWS\system32\tlntsvr.exe
[00-PROCESS]**tpmsagent -/- C:\Program Files\TCOstream\client\tpmsagent.exe
[00-PROCESS]**tsrvctl_nt -/- C:\Program Files\TCOstream\client\tsrvctl_nt.exe
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**V3SP -/- C:\Program Files\AhnLab\V3IS80\V3SP.exe
[00-PROCESS]**V3Svc -/- C:\Program Files\AhnLab\V3IS80\V3Svc.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**WidService -/- C:\Program Files\InternetDISK\Common\WID\WidService.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**WinxpendUP_s2co1 -/- C:\Program Files\WinExpand_s2co1\WinxpendUP_s2co1.exe
[00-PROCESS]**WLKeeper -/- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00-PROCESS]**ZCfgSvc -/- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**FPH Exe -/- C:\PROGRA~1\FASOOD~1\fph.exe
[01-HKCUREG]**HncUpdate -/- C:\Program Files\Hnc\HncUtils\HncChecker.exe
[01-HKCUREG]**HotKeysCmds -/- C:\WINDOWS\system32\hkcmd.exe
[01-HKCUREG]**IgfxTray -/- C:\WINDOWS\system32\igfxtray.exe
[01-HKCUREG]**IME14 KOR Setup -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /KOR /Log
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**IntelWireless -/- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
[01-HKCUREG]**IntelZeroConfig -/- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
[01-HKCUREG]**ISUSPM -/- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler
[01-HKCUREG]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[01-HKCUREG]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe /byboot
[01-HKCUREG]**MyPeople -/- C:\Program Files\Daum\MyPeople\MyPeople\MyPeople.exe -startup
[01-HKCUREG]**OfficeSyncProcess -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[01-HKCUREG]**PDVDDXSrv -/- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
[01-HKCUREG]**Persistence -/- C:\WINDOWS\system32\igfxpers.exe
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**safefence firewall -/- C:\Program Files\safe fence\sfencefw.exe startup
[01-HKCUREG]**safefence_realtime_agent -/- C:\Program Files\safe fence\sfenceagt.exe
[01-HKCUREG]**SearchN -/- C:\Program Files\SearchN\SNUpdate.exe
[01-HKCUREG]**SeStPage -/- C:\Program Files\SeStPage\SeStPage.exe
[01-HKCUREG]**SigmatelSysTrayApp -/- stsystra.exe
[01-HKCUREG]**snprot -/- C:\Program Files\SearchN\snprot.exe
[01-HKCUREG]**V3 Session Process -/- C:\Program Files\AhnLab\V3IS80\V3SP.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**FPH Exe -/- C:\PROGRA~1\FASOOD~1\fph.exe
[02-HKLMREG]**HncUpdate -/- C:\Program Files\Hnc\HncUtils\HncChecker.exe
[02-HKLMREG]**HotKeysCmds -/- C:\WINDOWS\system32\hkcmd.exe
[02-HKLMREG]**IgfxTray -/- C:\WINDOWS\system32\igfxtray.exe
[02-HKLMREG]**IME14 KOR Setup -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /KOR /Log
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**IntelWireless -/- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
[02-HKLMREG]**IntelZeroConfig -/- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
[02-HKLMREG]**ISUSPM -/- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler
[02-HKLMREG]**metablogagent -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\metablogagent.exe
[02-HKLMREG]**MetablogNewIssues -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\MetablogNewIssues\MetablogNewIssues.exe /byboot
[02-HKLMREG]**MyPeople -/- C:\Program Files\Daum\MyPeople\MyPeople\MyPeople.exe -startup
[02-HKLMREG]**OfficeSyncProcess -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[02-HKLMREG]**PDVDDXSrv -/- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
[02-HKLMREG]**Persistence -/- C:\WINDOWS\system32\igfxpers.exe
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**safefence firewall -/- C:\Program Files\safe fence\sfencefw.exe startup
[02-HKLMREG]**safefence_realtime_agent -/- C:\Program Files\safe fence\sfenceagt.exe
[02-HKLMREG]**SearchN -/- C:\Program Files\SearchN\SNUpdate.exe
[02-HKLMREG]**SeStPage -/- C:\Program Files\SeStPage\SeStPage.exe
[02-HKLMREG]**SigmatelSysTrayApp -/- stsystra.exe
[02-HKLMREG]**snprot -/- C:\Program Files\SearchN\snprot.exe
[02-HKLMREG]**V3 Session Process -/- C:\Program Files\AhnLab\V3IS80\V3SP.exe
[03-BHOCLSD]**Adobe PDF Reader 링크 도우미 -/- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll -/- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
[03-BHOCLSD]**Groove GFS Browser Helper -/- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL -/- {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
[03-BHOCLSD]**N.A -/- N.A -/- {9CA5610A-0DFC-4716-94EF-5450EF43A1F7}
[03-BHOCLSD]**N.A -/- N.A -/- {CBD9D4BF-48E2-4722-9835-7B37AD522465}
[03-BHOCLSD]**N.A -/- N.A -/- {ED2C80A2-2953-46B8-966E-02AC928E8C58}
[03-BHOCLSD]**Office Document Cache Handler -/- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL -/- {B4F3A835-0E21-4959-BA22-42B3008E02FF}
[03-BHOCLSD]**SearchNCtrl Class -/- C:\Program Files\SearchN\SearchN.dll -/- {FE14A4CA-5CFA-4C05-9274-6006397B68C9}
[03-BHOCLSD]**WinExpandB Class -/- C:\Program Files\WinExpand_s2co1\WinExpand_s2co1.dll -/- {0000048F-CA70-426E-B122-D9627A516378}
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- Adobe Flash Player Update Service -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**Canon Driver Information Assist Service -/- Canon Driver Information Assist Service -/- C:\Program Files\Canon\DIAS\CnxDIAS.exe
[05-SERVICE]**EvtEng -/- Intel(R) PROSet/Wireless Event Log -/- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
[05-SERVICE]**gupdate -/- Google 업데이트 서비스 (gupdate) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- Google 업데이트 서비스 (gupdatem) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**ImeDictUpdateService -/- Microsoft IME Dictionary Update -/- C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
[05-SERVICE]**InternetDiskService -/- ESTsoft Internetdisk Service -/- C:\Program Files\InternetDISK\Common\WID\WidService.exe
[05-SERVICE]**Microsoft SharePoint Workspace Audit Service -/- Microsoft SharePoint Workspace Audit Service -/- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**npkcmsvc -/- npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[05-SERVICE]**npkfxsvc -/- npkfxsvc -/- C:\WINDOWS\system32\npkfxsvc.exe
[05-SERVICE]**OracleOraHome81ClientCache -/- OracleOraHome81ClientCache -/- C:\oracle\ora81\BIN\ONRSD.EXE
[05-SERVICE]**ose -/- Office  Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**osppsvc -/- Office Software Protection Platform -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[05-SERVICE]**RegSrvc -/- Intel(R) PROSet/Wireless Registry Service -/- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
[05-SERVICE]**S24EventMonitor -/- Intel(R) PROSet/Wireless Service -/- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
[05-SERVICE]**STacSV -/- SigmaTel Audio Service -/- C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
[05-SERVICE]**stllssvr -/- stllssvr -/- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
[05-SERVICE]**SystemLoader -/- System Loader -/- C:\WINDOWS\system32\sysloader.exe
[05-SERVICE]**TClientService -/- TCO!stream Client Service -/- C:\Program Files\TCOstream\client\tclient.exe
[05-SERVICE]**TControlService -/- TCO!stream Control Service -/- C:\Program Files\TCOstream\client\tsrvctl_nt.exe
[05-SERVICE]**V3 Service -/- V3 Service -/- C:\Program Files\AhnLab\V3IS80\V3Svc.exe
[05-SERVICE]**WLANKEEPER -/- Intel(R) PROSet/Wireless SSO Service -/- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe