Code : 0fIMN+ZkbLPFiV1cI0EDMgKV+UhfEy5US65UJYFMNbg=

프로그램분석

Code : 0fIMN+ZkbLPFiV1cI0EDMgKV+UhfEy5US65UJYFMNbg=

프로세스 천국 2013. 11. 6. 00:26

[00-PROCESS]**alg -/- C:\Windows\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
[00-PROCESS]**atbhelper -/- C:\Program Files\ESTsoft\ALToolBar\atbhelper.exe
[00-PROCESS]**AYLaunch -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe
[00-PROCESS]**csrss -/- C:\Windows\system32\csrss.exe
[00-PROCESS]**DaumCleaner -/- C:\Program Files\Daum\Cleaner\DaumCleaner.exe
[00-PROCESS]**DaumCleanerService -/- C:\Program Files\Daum\Cleaner\DaumCleanerService.exe
[00-PROCESS]**DaumStation -/- C:\Program Files\Daum\DaumStation\DaumStation.exe
[00-PROCESS]**DaumStationService -/- C:\Program Files\Daum\DaumStation\DaumStationService.exe
[00-PROCESS]**dllhost -/- C:\Windows\system32\dllhost.exe
[00-PROCESS]**Dwm -/- C:\Windows\system32\Dwm.exe
[00-PROCESS]**ehRecvr -/- C:\Windows\ehome\ehRecvr.exe
[00-PROCESS]**ehsched -/- C:\Windows\ehome\ehsched.exe
[00-PROCESS]**Explorer -/- C:\Windows\Explorer.EXE
[00-PROCESS]**fxssvc -/- C:\Windows\system32\fxssvc.exe
[00-PROCESS]**Hellopop -/- C:\Program Files\Hellopop\Hellopop.exe
[00-PROCESS]**hkcmd -/- C:\Windows\system32\hkcmd.exe
[00-PROCESS]**igfxpers -/- C:\Windows\system32\igfxpers.exe
[00-PROCESS]**igfxtray -/- C:\Windows\system32\igfxtray.exe
[00-PROCESS]**infocard -/- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
[00-PROCESS]**IntelCpHeciSvc -/- C:\Windows\system32\IntelCpHeciSvc.exe
[00-PROCESS]**iPocket -/- C:\Program Files\iPocket\iPocket.exe
[00-PROCESS]**Kies -/- C:\Program Files\Samsung\Kies\Kies.exe
[00-PROCESS]**KiesPDLR -/- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
[00-PROCESS]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[00-PROCESS]**locator -/- C:\Windows\system32\locator.exe
[00-PROCESS]**LogonUI -/- C:\Windows\system32\LogonUI.exe
[00-PROCESS]**lsass -/- C:\Windows\system32\lsass.exe
[00-PROCESS]**lsm -/- C:\Windows\system32\lsm.exe
[00-PROCESS]**mdm -/- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00-PROCESS]**mscorsvw -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\Windows\System32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\Windows\system32\msiexec.exe
[00-PROCESS]**MsMpEng -/- C:\Program Files\Microsoft Security Client\MsMpEng.exe
[00-PROCESS]**msseces -/- C:\Program Files\Microsoft Security Client\msseces.exe
[00-PROCESS]**nate_as -/- C:\Program Files\nate_as\nate_as.exe
[00-PROCESS]**nateon -/- c:\Program Files\sk communications\nateon\bin\nateon.exe
[00-PROCESS]**NATEONMain -/- C:\Program Files\SK Communications\NATEON\BIN\NATEONMain.exe
[00-PROCESS]**NateRSRCMain -/- C:\Users\Administrator\AppData\Local\SK Communications\NATEON5\Addin\5D1A9EDE-ED23-4790-8C04-CCABA1FC888B\NateRSRCMain.exe
[00-PROCESS]**ncleaner -/- C:\Program Files\naver\NaverCleaner\ncleaner.exe
[00-PROCESS]**NCleanService -/- C:\Program Files\naver\NaverCleaner\NCleanService.exe
[00-PROCESS]**NisSrv -/- C:\Program Files\Microsoft Security Client\NisSrv.exe
[00-PROCESS]**npkcmsvc -/- C:\Windows\system32\npkcmsvc.exe
[00-PROCESS]**npkfxsvc -/- C:\Windows\system32\npkfxsvc.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OpenKeywordAgent -/- C:\Program Files\OpenKeyword\OpenKeywordAgent.exe
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**perfhost -/- C:\Windows\system32\perfhost.exe
[00-PROCESS]**pinomate -/- C:\Users\Administrator\AppData\Local\PeeringPortal\Pino\pinomate.exe
[00-PROCESS]**PresentationFontCache -/- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00-PROCESS]**radio -/- C:\Users\Administrator\AppData\Roaming\네오위즈인터넷\radio\radio.exe
[00-PROCESS]**RAVCpl64 -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
[00-PROCESS]**rc40app -/- C:\Users\Administrator\AppData\Local\SK Communications\NATEON5\Addin\5D1A9EDE-ED23-4790-8C04-CCABA1FC888B\rc40app.exe
[00-PROCESS]**rcmgrmon -/- C:\Users\Administrator\AppData\Local\SK Communications\NATEON5\Addin\5D1A9EDE-ED23-4790-8C04-CCABA1FC888B\rcmgrmon.exe
[00-PROCESS]**Rundll32 -/- C:\Windows\system32\Rundll32.exe
[00-PROCESS]**SearchFilterHost -/- C:\Windows\system32\SearchFilterHost.exe
[00-PROCESS]**SearchIndexer -/- C:\Windows\system32\SearchIndexer.exe
[00-PROCESS]**SearchProtocolHost -/- C:\Windows\system32\SearchProtocolHost.exe
[00-PROCESS]**services -/- C:\Windows\system32\services.exe
[00-PROCESS]**sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe
[00-PROCESS]**snmptrap -/- C:\Windows\System32\snmptrap.exe
[00-PROCESS]**spoolsv -/- C:\Windows\System32\spoolsv.exe
[00-PROCESS]**sppsvc -/- C:\Windows\system32\sppsvc.exe
[00-PROCESS]**svchost -/- C:\Windows\system32\svchost.exe
[00-PROCESS]**TachyStartUp -/- C:\Neowiz\Tachy\TachyStartUp.exe
[00-PROCESS]**taskeng -/- C:\Windows\system32\taskeng.exe
[00-PROCESS]**taskhost -/- C:\Windows\system32\taskhost.exe
[00-PROCESS]**T-Con -/- C:\Program Files\T-Con\T-Con.exe
[00-PROCESS]**TrustedInstaller -/- C:\Windows\servicing\TrustedInstaller.exe
[00-PROCESS]**UI0Detect -/- C:\Windows\system32\UI0Detect.exe
[00-PROCESS]**vds -/- C:\Windows\System32\vds.exe
[00-PROCESS]**vssvc -/- C:\Windows\system32\vssvc.exe
[00-PROCESS]**WatAdminSvc -/- C:\Windows\system32\Wat\WatAdminSvc.exe
[00-PROCESS]**wbengine -/- C:\Windows\system32\wbengine.exe
[00-PROCESS]**wininit -/- C:\Windows\system32\wininit.exe
[00-PROCESS]**winlogon -/- C:\Windows\system32\winlogon.exe
[00-PROCESS]**WinxpendUP_boa -/- C:\Program Files\WinExpand_boa\WinxpendUP_boa.exe
[00-PROCESS]**WmiApSrv -/- C:\Windows\system32\wbem\WmiApSrv.exe
[00-PROCESS]**wmiprvse -/- C:\Windows\system32\wbem\wmiprvse.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[00-PROCESS]**wuauclt -/- C:\Windows\system32\wuauclt.exe
[01-HKCUREG]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\atbhelper.exe -boot
[01-HKCUREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[01-HKCUREG]**BackgroundContainer -/- C:\Windows\system32\Rundll32.exe C:\Users\Administrator\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dllDllRun
[01-HKCUREG]**DaumCleaner -/- C:\Program Files\Daum\Cleaner\DaumCleaner.exe /T
[01-HKCUREG]**DaumStation -/- C:\Program Files\Daum\DaumStation\DaumStation.exe
[01-HKCUREG]**Hellopop -/- C:\Program Files\Hellopop\Hellopop.exe
[01-HKCUREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[01-HKCUREG]**IgfxTray -/- C:\Windows\system32\igfxtray.exe
[01-HKCUREG]**iPocket -/- C:\Program Files\iPocket\iPocket.exe
[01-HKCUREG]**KiesAirMessage -/- C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
[01-HKCUREG]**KiesPDLR -/- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
[01-HKCUREG]**KiesPreload -/- C:\Program Files\Samsung\Kies\Kies.exe /preload
[01-HKCUREG]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[01-HKCUREG]**MSC -/- C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
[01-HKCUREG]**Nate -/- C:\Program Files\nate_as\nate_as.exe
[01-HKCUREG]**NATEON -/- c:\Program Files\sk communications\nateon\bin\nateon.exe -as
[01-HKCUREG]**NCleaner -/- C:\Program Files\naver\NaverCleaner\ncleaner.exe /reboot
[01-HKCUREG]**Persistence -/- C:\Windows\system32\igfxpers.exe
[01-HKCUREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[01-HKCUREG]**SayclubTachy -/- C:\Neowiz\Tachy\TachyStartUp.exe
[01-HKCUREG]**SayRadio -/- C:\Users\Administrator\AppData\Roaming\네오위즈인터넷\radio\radio.exe /startup
[01-HKCUREG]**Sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[01-HKCUREG]**T-Con -/- C:\Program Files\T-Con\T-Con.exe
[01-HKCUREG]**uTorrent -/- C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED
[02-HKLMREG]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\atbhelper.exe -boot
[02-HKLMREG]**ALYac -/- C:\Program Files\ESTsoft\ALYac\AYLaunch.exe /run
[02-HKLMREG]**BackgroundContainer -/- C:\Windows\system32\Rundll32.exe C:\Users\Administrator\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dllDllRun
[02-HKLMREG]**DaumCleaner -/- C:\Program Files\Daum\Cleaner\DaumCleaner.exe /T
[02-HKLMREG]**DaumStation -/- C:\Program Files\Daum\DaumStation\DaumStation.exe
[02-HKLMREG]**Hellopop -/- C:\Program Files\Hellopop\Hellopop.exe
[02-HKLMREG]**HotKeysCmds -/- C:\Windows\system32\hkcmd.exe
[02-HKLMREG]**IgfxTray -/- C:\Windows\system32\igfxtray.exe
[02-HKLMREG]**iPocket -/- C:\Program Files\iPocket\iPocket.exe
[02-HKLMREG]**KiesAirMessage -/- C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
[02-HKLMREG]**KiesPDLR -/- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
[02-HKLMREG]**KiesPreload -/- C:\Program Files\Samsung\Kies\Kies.exe /preload
[02-HKLMREG]**KiesTrayAgent -/- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
[02-HKLMREG]**MSC -/- C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
[02-HKLMREG]**Nate -/- C:\Program Files\nate_as\nate_as.exe
[02-HKLMREG]**NATEON -/- c:\Program Files\sk communications\nateon\bin\nateon.exe -as
[02-HKLMREG]**NCleaner -/- C:\Program Files\naver\NaverCleaner\ncleaner.exe /reboot
[02-HKLMREG]**Persistence -/- C:\Windows\system32\igfxpers.exe
[02-HKLMREG]**RTHDVCPL -/- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[02-HKLMREG]**SayclubTachy -/- C:\Neowiz\Tachy\TachyStartUp.exe
[02-HKLMREG]**SayRadio -/- C:\Users\Administrator\AppData\Roaming\네오위즈인터넷\radio\radio.exe /startup
[02-HKLMREG]**Sidebar -/- C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[02-HKLMREG]**T-Con -/- C:\Program Files\T-Con\T-Con.exe
[02-HKLMREG]**uTorrent -/- C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED
[03-BHOCLSD]**ALToolbarBho -/- C:\Program Files\ESTsoft\ALToolBar\ALToolBar_3220.dll -/- {7F1A79F9-78D1-4186-9F60-EE0B63DF042A}
[03-BHOCLSD]**CNATE_ASBHO Object -/- C:\Program Files\nate_as\nate_as.dll -/- {E81E1598-BCE6-40B9-8B68-AE57DAA04452}
[03-BHOCLSD]**Daum 클리너 -/- C:\Program Files\Daum\Cleaner\DaumStart.1.5.0.132.dll -/- {BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}
[03-BHOCLSD]**NateSearchSafeBHO Class -/- C:\Program Files\SK Communications\NATEON\BIN\NateSearchSafe.dll -/- {39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}
[03-BHOCLSD]**uTorrentBar_KR Toolbar -/- C:\Program Files\uTorrentBar_KR\prxtbuTor.dll -/- {03ea5b10-2efa-4311-ac10-04427b02d663}
[03-BHOCLSD]**WinExpandB Class -/- C:\Program Files\WinExpand_boa\WinExpand_boa.dll -/- {000009B5-2519-4018-B31A-3D359A3592C0}
[03-BHOCLSD]**네이트 한글 주소창 검색 -/- C:\Program Files\nate_as\nate_as.dll -/- {E77FA0B2-C931-411C-82A2-FF672456B730}
[04-TOOLBAR]**ALToolBar -/- C:\Program Files\ESTsoft\ALToolBar\ALToolBar_3220.dll -/- {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA}
[04-TOOLBAR]**uTorrentBar_KR Toolbar -/- C:\Program Files\uTorrentBar_KR\prxtbuTor.dll -/- {03ea5b10-2efa-4311-ac10-04427b02d663}
[05-SERVICE]**ALYac_RTSrv -/- ALYac RealTime Service -/- C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
[05-SERVICE]**ALYac_UpdSrv -/- ALYac Update Service -/- C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
[05-SERVICE]**cphs -/- Intel(R) Content Protection HECI Service -/- C:\Windows\system32\IntelCpHeciSvc.exe
[05-SERVICE]**DaumCleanerService -/- DaumCleanerService -/- C:\Program Files\Daum\Cleaner\DaumCleanerService.exe
[05-SERVICE]**DaumStationService -/- DaumStationService -/- C:\Program Files\Daum\DaumStation\DaumStationService.exe
[05-SERVICE]**MDM -/- Machine Debug Manager -/- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
[05-SERVICE]**MsMpSvc -/- Microsoft Antimalware Service -/- C:\Program Files\Microsoft Security Client\MsMpEng.exe
[05-SERVICE]**NCleanService -/- Naver Cleaner Admin Service -/- C:\Program Files\naver\NaverCleaner\NCleanService.exe
[05-SERVICE]**NetMsmqActivator -/- Net.Msmq Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe -NetMsmqActivator
[05-SERVICE]**NetPipeActivator -/- Net.Pipe Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpActivator -/- Net.Tcp Listener Adapter -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NetTcpPortSharing -/- Net.Tcp Port Sharing Service -/- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
[05-SERVICE]**NisSrv -/- Microsoft 네트워크 검사 -/- C:\Program Files\Microsoft Security Client\NisSrv.exe
[05-SERVICE]**npggsvc -/- nProtect GameGuard Service -/- C:\Windows\system32\GameMon.des -service
[05-SERVICE]**npkcmsvc -/- npkcmsvc -/- C:\Windows\system32\npkcmsvc.exe
[05-SERVICE]**npkfxsvc -/- npkfxsvc -/- C:\Windows\system32\npkfxsvc.exe
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**PerfHost -/- Performance Counter DLL Host -/- C:\Windows\system32\perfhost.exe
[06-TASKLST]**BackgroundContainer Startup Task -/- C:\Windows\system32\Rundll32.exe
[06-TASKLST]**OKSTART -/- C:\Program Files\OpenKeyword\OpenKeywordAgent.exe
[06-TASKLST]**WinExpandUpdate_boa -/- C:\Program Files\WinExpand_boa\WinxpendUP_boa.exe