Code : 8mO86eTBiAinbW8iPbEzHj8Y/ErfTryk

프로그램분석

Code : 8mO86eTBiAinbW8iPbEzHj8Y/ErfTryk

프로세스 천국 2013. 2. 9. 12:09

System Analyzer Report 2013, 02, 09

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "windowuserupdate" & echo windowdel.com
NA006 echo windowexe.com & tskill "winanydr" & echo windowdel.com
NA007 echo windowexe.com & tskill "svcspwin" & echo windowdel.com
NA008 echo windowexe.com & tskill "svcscrwin" & echo windowdel.com
NA009 echo windowexe.com & tskill "windvieweragent" & echo windowdel.com
NA010 echo windowexe.com & tskill "windviewer" & echo windowdel.com
NA011 echo windowexe.com & tskill "windopt" & echo windowdel.com
NA012 echo windowexe.com & tskill "winspsv" & echo windowdel.com
NA013 echo windowexe.com & tskill "WinchoiceUpdate" & echo windowdel.com
NA014 echo windowexe.com & tskill "Winchoice" & echo windowdel.com
NA015 echo windowexe.com & tskill "winanyu" & echo windowdel.com
NA016 echo windowexe.com & tskill "TopUtilService" & echo windowdel.com
NA017 echo windowexe.com & tskill "systemview-se" & echo windowdel.com
NA018 echo windowexe.com & tskill "quicksvc" & echo windowdel.com
NA019 echo windowexe.com & tskill "qdownservice" & echo windowdel.com
NA020 echo windowexe.com & tskill "qdownagent" & echo windowdel.com
NA021 echo windowexe.com & tskill "pcpoweroffmon" & echo windowdel.com
NA022 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA023 echo windowexe.com & tskill "liveupdater-se" & echo windowdel.com
NA024 echo windowexe.com & tskill "lpupdate" & echo windowdel.com
NA025 echo windowexe.com & tskill "liveplus" & echo windowdel.com
NA026 echo windowexe.com & tskill "JoyUtilService" & echo windowdel.com
NA027 echo windowexe.com & tskill "internetservice-se" & echo windowdel.com
NA028 echo windowexe.com & tskill "HSSearch" & echo windowdel.com
NA029 echo windowexe.com & tskill "enumerate_sd_mon" & echo windowdel.com
NA030 echo windowexe.com & tskill "ctpopsvc" & echo windowdel.com
NA031 echo windowexe.com & tskill "ez-PlusSC" & echo windowdel.com
NA032 echo windowexe.com & tskill "barosvc" & echo windowdel.com
NA033 echo windowexe.com & tskill "TCCheckAgent" & echo windowdel.com
NA034 echo windowexe.com & tskill "windowstabup" & echo windowdel.com
NA035 echo windowexe.com & tskill "windowstab" & echo windowdel.com
NA036 echo windowexe.com & tskill "signkey" & echo windowdel.com
NA037 echo windowexe.com & tskill "iesignkey" & echo windowdel.com
NA038 echo windowexe.com & tskill "FBDSvcMan" & echo windowdel.com
NA039 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "JoyUtilService" /f
NA040 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "JoyUtilService" /f
NA041 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA042 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA043 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "winchoiceupdate" /f
NA044 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "winchoiceupdate" /f
NA045 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "winchoice" /f
NA046 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "winchoice" /f
NA047 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "TopUtilService" /f
NA048 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "TopUtilService" /f
NA049 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windvieweropt" /f
NA050 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windvieweropt" /f
NA051 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windvieweragent" /f
NA052 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windvieweragent" /f
NA053 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windviewer" /f
NA054 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windviewer" /f
NA055 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA056 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA057 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "signkey" /f
NA058 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "signkey" /f
NA059 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA060 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA061 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC34B3C3-3904-4D0E-8035-536715B28BBA}" /f
NA062 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC34B3C3-3904-4D0E-8035-536715B28BBA}" /f
NA063 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC34B3C3-3904-4D0E-8035-536715B28BBA}" /f
NA064 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{CC34B3C3-3904-4D0E-8035-536715B28BBA}" /f
NA065 echo Created by Windowexe.com
NA066 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE76304D-721C-4A66-9F6B-8DE871B3256D}" /f
NA067 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE76304D-721C-4A66-9F6B-8DE871B3256D}" /f
NA068 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE76304D-721C-4A66-9F6B-8DE871B3256D}" /f
NA069 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{AE76304D-721C-4A66-9F6B-8DE871B3256D}" /f
NA070 echo Created by Windowexe.com
NA071 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA072 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA073 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA074 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA075 echo Created by Windowexe.com
NA076 sc stop "winspsv32"
NA077 echo Service Disable & sc config "winspsv32" start= disabled & echo Windowexe.com
NA078 sc stop "WinsPop Service"
NA079 echo Service Disable & sc config "WinsPop Service" start= disabled & echo Windowexe.com
NA080 sc stop "WinScare Service"
NA081 echo Service Disable & sc config "WinScare Service" start= disabled & echo Windowexe.com
NA082 sc stop "WindowsDriver"
NA083 echo Service Disable & sc config "WindowsDriver" start= disabled & echo Windowexe.com
NA084 sc stop "Windows WinsPop Diagnostics Service"
NA085 echo Service Disable & sc config "Windows WinsPop Diagnostics Service" start= disabled & echo Windowexe.com
NA086 sc stop "Windows WinScare Diagnostics Service"
NA087 echo Service Disable & sc config "Windows WinScare Diagnostics Service" start= disabled & echo Windowexe.com
NA088 sc stop "Windows WinAny Update Service"
NA089 echo Service Disable & sc config "Windows WinAny Update Service" start= disabled & echo Windowexe.com
NA090 sc stop "WinA Diagnostics Service"
NA091 echo Service Disable & sc config "WinA Diagnostics Service" start= disabled & echo Windowexe.com
NA092 sc stop "tqtzumm3"
NA093 echo Service Disable & sc config "tqtzumm3" start= disabled & echo Windowexe.com
NA094 sc stop "tqtzu"
NA095 echo Service Disable & sc config "tqtzu" start= disabled & echo Windowexe.com
NA096 sc stop "TCCheckAgent"
NA097 echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
NA098 sc stop "systemviewservice"
NA099 echo Service Disable & sc config "systemviewservice" start= disabled & echo Windowexe.com
NA100 sc stop "speedwindow Update Service"
NA101 echo Service Disable & sc config "speedwindow Update Service" start= disabled & echo Windowexe.com
NA102 sc stop "RKSvc"
NA103 echo Service Disable & sc config "RKSvc" start= disabled & echo Windowexe.com
NA104 sc stop "quicksvc"
NA105 echo Service Disable & sc config "quicksvc" start= disabled & echo Windowexe.com
NA106 sc stop "QuickDownload Service"
NA107 echo Service Disable & sc config "QuickDownload Service" start= disabled & echo Windowexe.com
NA108 sc stop "QuickDownload Agent"
NA109 echo Service Disable & sc config "QuickDownload Agent" start= disabled & echo Windowexe.com
NA110 sc stop "NATService"
NA111 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA112 sc stop "multiclear Update Service"
NA113 echo Service Disable & sc config "multiclear Update Service" start= disabled & echo Windowexe.com
NA114 sc stop "monpcpoweroff"
NA115 echo Service Disable & sc config "monpcpoweroff" start= disabled & echo Windowexe.com
NA116 sc stop "liveupdaterservice"
NA117 echo Service Disable & sc config "liveupdaterservice" start= disabled & echo Windowexe.com
NA118 sc stop "internetserviceservice"
NA119 echo Service Disable & sc config "internetserviceservice" start= disabled & echo Windowexe.com
NA120 sc stop "FBDSvcman"
NA121 echo Service Disable & sc config "FBDSvcman" start= disabled & echo Windowexe.com
NA122 sc stop "ez-Plus"
NA123 echo Service Disable & sc config "ez-Plus" start= disabled & echo Windowexe.com
NA124 sc stop "everyclear Update Service"
NA125 echo Service Disable & sc config "everyclear Update Service" start= disabled & echo Windowexe.com
NA126 sc stop "ctwopop"
NA127 echo Service Disable & sc config "ctwopop" start= disabled & echo Windowexe.com
NA128 sc stop "barocn"
NA129 echo Service Disable & sc config "barocn" start= disabled & echo Windowexe.com
NA130 echo 000 & reg.exe delete "HKCR\CLSID\{5121BCAB-14D5-40AD-A469-4437CC51F7AA}" /f & echo windowdel.com
NA131 echo Created by Windowexe.com
NA132 echo 000 & reg.exe delete "HKCR\CLSID\{A832F633-668F-4F8A-9EA1-A6375D1C1418}" /f & echo windowdel.com
NA133 echo Created by Windowexe.com
NA134 echo End
NA135 ======================================================================
NA136 echo Created by Windowexe.com / do not delete this label.
NA137 ======================================================================

[00-PROCESS]**barosvc -/- C:\Program Files\barocn\barosvc.exe
[00-PROCESS]**cmd -/- C:\WINDOWS\system32\cmd.exe
[00-PROCESS]**ctpopsvc -/- C:\Program Files\ctpop\ctpopsvc.exe
[00-PROCESS]**E_FATIGJS -/- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGJS.EXE
[00-PROCESS]**enumerate_sd_mon -/- C:\Program Files\enumerate_sd\enumerate_sd_mon.exe
[00-PROCESS]**ez-PlusSC -/- C:\Program Files\Common Files\EZ-Plus\ez-PlusSC.exe
[00-PROCESS]**FBDSvcMan -/- C:\Documents and Settings\Administrator\Application Data\SpeedDownload\FBDSvcMan.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**HSSearch -/- C:\Program Files\HiSearch\HSSearch.exe
[00-PROCESS]**iesignkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\iesignkey.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**IMJPMIG -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
[00-PROCESS]**IMKRMIG -/- C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE
[00-PROCESS]**internetservice-se -/- C:\Program Files\internetservice\internetservice-se.exe
[00-PROCESS]**JoyUtilService -/- C:\Program Files\JoyUtil\JoyUtilService.exe
[00-PROCESS]**jqs -/- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
[00-PROCESS]**jucheck -/- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
[00-PROCESS]**jusched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[00-PROCESS]**liveplus -/- C:\Program Files\liveplus\liveplus.exe
[00-PROCESS]**liveupdater-se -/- C:\Program Files\liveupdater\liveupdater-se.exe
[00-PROCESS]**lpupdate -/- C:\Program Files\liveplus\lpupdate.exe
[00-PROCESS]**msfeedssync -/- C:\WINDOWS\system32\msfeedssync.exe
[00-PROCESS]**natsvc -/- C:\Program Files\NAT Service\natsvc.exe
[00-PROCESS]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe
[00-PROCESS]**NaverTBUpgrader_1_0_0_1 -/- C:\Documents and Settings\Administrator\Local Settings\Temp\NaverTBUpgrader_1_0_0_1.exe
[00-PROCESS]**NexonPlug -/- C:\Nexon\NexonPlug\NexonPlug.exe
[00-PROCESS]**NMService -/- C:\Nexon\NexonPlug\NMService.exe
[00-PROCESS]**npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[00-PROCESS]**nvsvc32 -/- C:\WINDOWS\system32\nvsvc32.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**pcpoweroffmon -/- C:\Program Files\pcpoweroff\pcpoweroffmon.exe
[00-PROCESS]**qdownagent -/- C:\Program Files\QuickDownloadService\qdownagent.exe
[00-PROCESS]**qdownservice -/- C:\Program Files\QuickDownloadService\qdownservice.exe
[00-PROCESS]**quicksvc -/- C:\Program Files\Quicker\quicksvc.exe
[00-PROCESS]**resetuserconfig -/- C:\WINDOWS\resetuserconfig.exe
[00-PROCESS]**RKService -/- C:\WINDOWS\system32\RKService.exe
[00-PROCESS]**sgsvc -/- C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe
[00-PROCESS]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[00-PROCESS]**svcscrwin -/- C:\WINDOWS\System32\svcscrwin.exe
[00-PROCESS]**svcspwin -/- C:\WINDOWS\System32\svcspwin.exe
[00-PROCESS]**systemview-se -/- C:\Program Files\systemview\systemview-se.exe
[00-PROCESS]**TCCheckAgent -/- C:\Program Files\AdvTopC\TCCheckAgent.exe
[00-PROCESS]**TINTSETP -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
[00-PROCESS]**TopUtilService -/- C:\Program Files\TopUtil\TopUtilService.exe
[00-PROCESS]**userwindowresetinfo -/- C:\WINDOWS\userwindowresetinfo.exe
[00-PROCESS]**V3LSvc -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[00-PROCESS]**V3LTray -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe
[00-PROCESS]**wdrwscsvc -/- C:\WINDOWS\System32\wdrwscsvc.exe
[00-PROCESS]**wdrwspsvc -/- C:\WINDOWS\System32\wdrwspsvc.exe
[00-PROCESS]**winanydr -/- C:\WINDOWS\System32\winanydr.exe
[00-PROCESS]**winanyu -/- C:\Program Files\winany\winanyu.exe
[00-PROCESS]**Winchoice -/- C:\Program Files\Winchoice\Winchoice.exe
[00-PROCESS]**WinchoiceUpdate -/- C:\Program Files\Winchoice\WinchoiceUpdate.exe
[00-PROCESS]**windopt -/- C:\Program Files\windviewer\windopt.exe
[00-PROCESS]**windowstab -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstab.exe
[00-PROCESS]**windowstabup -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstabup.exe
[00-PROCESS]**windowuserupdate -/- C:\WINDOWS\windowuserupdate.exe
[00-PROCESS]**windviewer -/- C:\Program Files\windviewer\windviewer.exe
[00-PROCESS]**windvieweragent -/- C:\Program Files\windviewer\windvieweragent.exe
[00-PROCESS]**winspsv -/- C:\Program Files\Windows Winerspop\winspsv.exe
[00-PROCESS]**WMPNetwk -/- C:\Program Files\Windows Media Player\WMPNetwk.exe
[01-HKCUREG]**\\USERCOMPUTER\EPSON TX320 WorkForce320 Series -/- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGJS.EXE /FU C:\Documents and Settings\Administrator\LOCALS~1\Temp\E_S2.tmp /EF HKCU
[01-HKCUREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**HiSch -/- C:\Program Files\HiSearch\HSSearch.exe
[01-HKCUREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[01-HKCUREG]**JoyUtilService -/- C:\Program Files\JoyUtil\JoyUtilService.exe run
[01-HKCUREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[01-HKCUREG]**liveplus -/- C:\Program Files\liveplus\lpupdate.exe
[01-HKCUREG]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe /autorun
[01-HKCUREG]**NexonPlug -/- C:\Nexon\NexonPlug\NexonPlug.exe
[01-HKCUREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[01-HKCUREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[01-HKCUREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[01-HKCUREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[01-HKCUREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[01-HKCUREG]**TopUtilService -/- C:\Program Files\TopUtil\TopUtilService.exe run
[01-HKCUREG]**winchoice -/- C:\Program Files\Winchoice\Winchoice.exe run
[01-HKCUREG]**winchoiceupdate -/- C:\Program Files\Winchoice\WinchoiceUpdate.exe run
[01-HKCUREG]**WindowsTab -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstabup.exe
[01-HKCUREG]**windviewer -/- C:\Program Files\windviewer\windviewer.exe
[01-HKCUREG]**windvieweragent -/- C:\Program Files\windviewer\windvieweragent.exe
[01-HKCUREG]**windvieweropt -/- C:\Program Files\windviewer\windopt.exe
[02-HKLMREG]**\\USERCOMPUTER\EPSON TX320 WorkForce320 Series -/- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGJS.EXE /FU C:\Documents and Settings\Administrator\LOCALS~1\Temp\E_S2.tmp /EF HKCU
[02-HKLMREG]**AhnLab V3Lite Tray Process -/- C:\Program Files\AhnLab\V3Lite\V3LTray.exe /logon
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**HiSch -/- C:\Program Files\HiSearch\HSSearch.exe
[02-HKLMREG]**IMJPMIG8.1 -/- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
[02-HKLMREG]**JoyUtilService -/- C:\Program Files\JoyUtil\JoyUtilService.exe run
[02-HKLMREG]**Korean IME Migration -/- C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
[02-HKLMREG]**liveplus -/- C:\Program Files\liveplus\lpupdate.exe
[02-HKLMREG]**NaverAgent -/- C:\Program Files\naver\NaverAgent\NaverAgent.exe /autorun
[02-HKLMREG]**NexonPlug -/- C:\Nexon\NexonPlug\NexonPlug.exe
[02-HKLMREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dllNvStartup
[02-HKLMREG]**PHIME2002A -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[02-HKLMREG]**PHIME2002ASync -/- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[02-HKLMREG]**signkey -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\signkey\signkey.exe
[02-HKLMREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[02-HKLMREG]**TopUtilService -/- C:\Program Files\TopUtil\TopUtilService.exe run
[02-HKLMREG]**winchoice -/- C:\Program Files\Winchoice\Winchoice.exe run
[02-HKLMREG]**winchoiceupdate -/- C:\Program Files\Winchoice\WinchoiceUpdate.exe run
[02-HKLMREG]**WindowsTab -/- C:\Documents and Settings\Administrator\Application Data\WindowsTab\windowstabup.exe
[02-HKLMREG]**windviewer -/- C:\Program Files\windviewer\windviewer.exe
[02-HKLMREG]**windvieweragent -/- C:\Program Files\windviewer\windvieweragent.exe
[02-HKLMREG]**windvieweropt -/- C:\Program Files\windviewer\windopt.exe
[03-BHOCLSD]**{000011A1-74C9-4c7e-9B4E-59B5765CF409} -/- c:\program files\naver\navertoolbar\naversafeguard\nsafeguard_2012_4_26_1.dll
[03-BHOCLSD]**{19217B99-F935-4A39-B857-A68A68D5BEBB} -/- C:\Program Files\AhnLab\SiteGuard2\SGAgenti.dll
[03-BHOCLSD]**{67C41E9E-2EBF-4F2B-AF74-314F0D793172} -/- C:\Program Files\naver\NaverToolbar\NaverTB_4_0_11_184.dll
[03-BHOCLSD]**{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -/- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
[03-BHOCLSD]**{A433374B-2F44-402B-AB7E-E58B4A09DF8A} -/- C:\Program Files\HiSearch\HSHelper.dll
[03-BHOCLSD]**{AE76304D-721C-4A66-9F6B-8DE871B3256D} -/- C:\Program Files\RealKeyword\RealClick.dll
[03-BHOCLSD]**{CC34B3C3-3904-4D0E-8035-536715B28BBA} -/- C:\Program Files\windviewer\windviewer.dll
[03-BHOCLSD]**{DBC80044-A445-435b-BC74-9C25C1C588A9} -/- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
[04-TOOLBAR]**{D09CFF09-A42A-4EDC-9804-E61224F59CA1} -/- C:\Program Files\naver\NaverToolbar\NaverTB_4_0_11_184.dll
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**barocn -/- C:\Program Files\barocn\barosvc.exe
[05-SERVICE]**ctwopop -/- C:\Program Files\ctpop\ctpopsvc.exe
[05-SERVICE]**everyclear Update Service -/- C:\WINDOWS\resetuserconfig.exe
[05-SERVICE]**ez-Plus -/- C:\Program Files\Common Files\EZ-Plus\ez-PlusSC.exe
[05-SERVICE]**FBDSvcman -/- C:\Documents and Settings\Administrator\Application Data\SpeedDownload\FBDSvcMan.exe
[05-SERVICE]**internetserviceservice -/- C:\Program Files\internetservice\internetservice-se.exe
[05-SERVICE]**JavaQuickStarterService -/- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -service -config C:\Program Files\Oracle\JavaFX 2.1 Runtime\lib\deploy\jqs\jqs.conf
[05-SERVICE]**liveupdaterservice -/- C:\Program Files\liveupdater\liveupdater-se.exe
[05-SERVICE]**monpcpoweroff -/- C:\Program Files\pcpoweroff\pcpoweroffmon.exe
[05-SERVICE]**multiclear Update Service -/- C:\WINDOWS\userwindowresetinfo.exe
[05-SERVICE]**napagent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**NATService -/- C:\Program Files\NAT Service\natsvc.exe
[05-SERVICE]**npggsvc -/- C:\WINDOWS\system32\GameMon.des -service
[05-SERVICE]**npkcmsvc -/- C:\WINDOWS\system32\npkcmsvc.exe
[05-SERVICE]**nvsvc -/- C:\WINDOWS\system32\nvsvc32.exe
[05-SERVICE]**odserv -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**QuickDownload Agent -/- C:\Program Files\QuickDownloadService\qdownagent.exe
[05-SERVICE]**QuickDownload Service -/- C:\Program Files\QuickDownloadService\qdownservice.exe
[05-SERVICE]**quicksvc -/- C:\Program Files\Quicker\quicksvc.exe
[05-SERVICE]**RKSvc -/- C:\WINDOWS\system32\RKService.exe
[05-SERVICE]**sgsvc -/- C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe
[05-SERVICE]**speedwindow Update Service -/- C:\WINDOWS\windowuserupdate.exe
[05-SERVICE]**systemviewservice -/- C:\Program Files\systemview\systemview-se.exe
[05-SERVICE]**TCCheckAgent -/- C:\Program Files\AdvTopC\TCCheckAgent.exe
[05-SERVICE]**tqtzu -/- C:\Program Files\enumerate_sd/enumerate_sd_mon.exe
[05-SERVICE]**tqtzumm3 -/- C:\Program Files\MiniMP3/minimp3_mon.exe
[05-SERVICE]**V3 Lite Service -/- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe
[05-SERVICE]**WinA Diagnostics Service -/- C:\WINDOWS\System32\winanydr.exe
[05-SERVICE]**Windows WinAny Update Service -/- C:\Program Files\winany\winanyu.exe
[05-SERVICE]**Windows WinScare Diagnostics Service -/- C:\WINDOWS\System32\wdrwscsvc.exe
[05-SERVICE]**Windows WinsPop Diagnostics Service -/- C:\WINDOWS\System32\wdrwspsvc.exe
[05-SERVICE]**WindowsDriver -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\WindowsDriver.dll
[05-SERVICE]**WinScare Service -/- C:\WINDOWS\System32\svcscrwin.exe
[05-SERVICE]**WinsPop Service -/- C:\WINDOWS\System32\svcspwin.exe
[05-SERVICE]**winspsv32 -/- C:\Program Files\Windows Winerspop\winspsv.exe
[05-SERVICE]**WPFFontCache_v0400 -/- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
[05-SERVICE]**xsherlock -/- C:\WINDOWS\system32\xsherlock.xem