
MSN CPU usage is behaving strangely...
Anonymous (0)
Non-member
Posted: 2006-08-17 15:24
Hello.
I'm a member who has picked up a lot of good tips here.
I'm asking because my computer misbehaves when I use MSN.

For some time now, whenever I use MSN Messenger it often takes CPU usage up to 99% and does not let go.
In particular, when I first start MSN, when the login notification pops up above the tray, when someone messages me and a new conversation window opens, or when I double-click Messenger in the tray to bring it up on screen,
CPU usage momentarily goes to full for about 30 seconds to 1 minute (it is not always the same).
The same thing has been happening since I was using MSN 7.5, and the symptom is identical even after installing Windows Live Messenger.

Suspecting an antivirus compatibility problem, I have for now stopped the V3 and F-Prot antivirus programs I had been running,
but the symptom is unchanged. ㅠ_ㅠ
I have been using two messengers, MSN and NateOn. Until a few months ago there was no problem running MSN together with the antivirus and NateOn; this problem seems to have started about one or two months ago.
There does not seem to be any spyware, worm or virus installed on the system. Because of my work, DB tools such as Oracle and development software are installed.
I have searched and searched for the cause without finding it, so I am finally asking DoA and the other QAOSians.

I am attaching the HijackThis log for reference.

Logfile of HijackThis v1.99.1
Scan saved at 오후 3:16:58, on 2006-08-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FSI\F-Prot\fpavupdm.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\oracle\ora92\bin\omtsreco.exe
C:\Program Files\NATEON\BIN\NATEONMain.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\tardisnt.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\pyxis81\바탕 화면\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: V3 - {76EAE03C-F2B1-4397-97E8-390920B7C2DC} - C:\Program Files\Ahnlab\V3\V3Bar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {8E1CEBF4-7E65-4441-AF52-DCE42AA6F201} - (no file)
O3 - Toolbar: V3 - {9E3849D6-41EF-4B2F-86B7-632EF90758E4} - C:\Program Files\Ahnlab\V3\V3Bar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe STARTUP
O4 - HKLM\..\Run: [F-StopW] C:\Program Files\FSI\F-Prot\F-StopW.EXE
O4 - HKLM\..\Run: [imekrmig7.0] "C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NATEON] C:\Program Files\NATEON\BIN\NATEON.exe -as
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files\Opanda\IExif 2.25\IExifMap.htm
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files\Opanda\IExif 2.25\IExifCom.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: 모바일 즐겨찾기 만들기... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: cupido.snu.ac.kr
O16 - DPF: {03F49E0E-C43A-4037-BBD6-D681E998A08E} (CodeAx Class) - http://ezhub.hanyang.ac.kr:8080/EP/web/common/cabfiles/CM_CodeAx.cab
O16 - DPF: {05F82D57-462B-4E84-97C6-E808B0670EAF} (XAgntRun Control) - http://portal.snu.ac.kr:6888/portal/department/snucert/apcweb/XAgntRun.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) -
O16 - DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} (BMSpeedCheck Control) -
O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://banking.nonghyup.com/plugin/client/INIS.cab
O16 - DPF: {32D94A9F-9A18-4E12-863D-8AABA8CBDA78} (NateOnMMSAtx3 Class) - http://sms.nate.com/NateOnMMS_AX3.cab
O16 - DPF: {3C611C53-3468-4F9D-8C2E-ADA0338F9E79} (AcubeComm Control) - http://ezhub.hanyang.ac.kr:8080/EP/web/common/cabfiles/AcubeComm.cab
O16 - DPF: {5DAEF053-DEF0-4752-A963-CCE9B49B0B79} (Gogs Class) - http://blog.naver.com/common/item/nbgm.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1154998825881
O16 - DPF: {6C577133-145A-4F5F-B20A-675277A5847C} (HDModuleUpdateCtrl Class) - http://sis.snu.ac.kr/update.cab
O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - http://ebank.keb.co.kr/XecureObject/xw_install.cab
O16 - DPF: {8068959B-E424-45AD-B62B-A3FA45B1FBAF} (Report Designer 4.0 Control) - ftp://blacklion.hanyang.ac.kr/Pub/rdviewer40/rdviewer40.cab
O16 - DPF: {8491A278-7773-4E63-B6F1-6E1EAC39920A} (NpBankInstall Control) - http://update.nprotect.net/BankInstall/npBankInstall.cab
O16 - DPF: {9BF607E0-4CC1-4099-9A07-362C9E4FB090} (WStarter Control) - http://live.pdbox.co.kr:8057/WStarter.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} (skcbgmset Class) - http://cyimg7.cyworld.nate.com/cymusic/package/skcbgmset.cab
O16 - DPF: {ADEE463E-9A41-46CB-8055-ADB2CA58E974} (HDFilterUpdateCtrl Class) - http://sis.snu.ac.kr/HWPFilterupdate.cab
O16 - DPF: {C66D5182-7271-4010-87F0-3C06151F2ECF} (ACDHanjaEdit Control) - http://sillok.history.go.kr/ime/ACDHanjaIM.cab
O16 - DPF: {E9FD51D0-DC39-4f93-A67D-CC2F3A8B3B91} (HSNotifyApp) - http://sis.snu.ac.kr/hsnotifyapp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = europa.snu.ac.kr
O17 - HKLM\System\CCS\Services\Tcpip\..\{242473A7-4E31-4578-9732-8125EBB97AE5}: NameServer = 147.46.80.1,147.46.37.10
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = europa.snu.ac.kr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = europa.snu.ac.kr
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: F-Prot Antivirus Update Monitor - FRISK Software - C:\Program Files\FSI\F-Prot\fpavupdm.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - D:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: Tardis time service (Tardis) - Unknown owner - C:\WINDOWS\system32\tardisnt.exe

I will be waiting for your replies.
Thank you in advance.

I hope everyone has a pleasant rest of the day.
Anonymous (0)
Non-member
Posted: 2006-08-17 20:57
Since nobody answered...
I went ahead and solved it myself. ^^

It seems that F-Prot, which I had trusted completely, was the problem.
Rather than a problem with the antivirus itself, it looks like there was some kind of conflict in its system monitoring. (It used to be fine...)
Killing the processes one by one and removing the antivirus resolved the problem.
O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe STARTUP
O4 - HKLM\..\Run: [F-StopW] C:\Program Files\FSI\F-Prot\F-StopW.EXE
These are the culprits.

There was a rumor that FRISK's standing has kept slipping in recent virusbtn evaluations as well...
After going through this, I find myself reluctant to use an antivirus at all.
I am leaving this post in case anyone else has run into the same problem.
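
As an added example (not part of the thread, and not code from HijackThis or its authors): a small Python parser for the log format posted above that collects everything tied to one install directory, here the F-Prot directory named in the post. It surfaces the two Run-key entries quoted above together with the update-monitor process and O23 service that the same log lists. `SAMPLE_LOG` is an excerpt of the posted log, and the function names are hypothetical.

```python
import re

# Excerpt of the HijackThis log posted above (paths as they appear on the page).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1

Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FSI\F-Prot\fpavupdm.exe
C:\Program Files\MSN Messenger\msnmsgr.exe

O2 - BHO: V3 - {76EAE03C-F2B1-4397-97E8-390920B7C2DC} - C:\Program Files\Ahnlab\V3\V3Bar.dll
O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe STARTUP
O4 - HKLM\..\Run: [F-StopW] C:\Program Files\FSI\F-Prot\F-StopW.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O23 - Service: F-Prot Antivirus Update Monitor - FRISK Software - C:\Program Files\FSI\F-Prot\fpavupdm.exe
O23 - Service: Tardis time service (Tardis) - Unknown owner - C:\WINDOWS\system32\tardisnt.exe
"""

# Section codes used by HijackThis: R0-R3, F0-F3, N1-N4 and O1..O23.
ENTRY_RE = re.compile(r"^(O\d+|R\d|F\d|N\d) - (.*)$")

def parse_hijackthis(text):
    """Split a HijackThis log into running processes and (code, detail) entries."""
    processes, entries, in_procs = [], [], False
    for line in text.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_procs = True
        elif not line:
            in_procs = False          # a blank line ends the process list
        elif (m := ENTRY_RE.match(line)):
            in_procs = False
            entries.append((m.group(1), m.group(2)))
        elif in_procs:
            processes.append(line)
    return processes, entries

def footprint(text, install_dir):
    """Everything in the log that references install_dir (case-insensitive).
    8.3 short paths such as C:\\PROGRA~1\\... are not expanded here."""
    needle = install_dir.lower()
    processes, entries = parse_hijackthis(text)
    found = {"running": [p for p in processes if needle in p.lower()]}
    for code, detail in entries:
        if needle in detail.lower():
            found.setdefault(code, []).append(detail)
    return found

if __name__ == "__main__":
    print(footprint(SAMPLE_LOG, r"C:\Program Files\FSI\F-Prot"))
```

Grouping by section code makes it easy to confirm, after an uninstall, that no Run key (O4), service (O23) or running process from the product is left behind.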
Anonymous (0)
Non-member
Posted: 2006-08-20 12:43
I was about to post an answer and found you had already solved it. I was on vacation from the 18th to the 20th and had no time to reply. F-Prot is a program I also dropped quite a while ago. Because its false-positive rate is high, I switched to AVast, and these days I have switched to the free version of Anti-Avr.

However, I still do not use the monitoring program. Since this is information that could help other people too, I have moved it to the My Own Tips board.

[This post was moved by an administrator from the Windows board to the My Own Tips board]

[ Message edited: artech, at: 2006-08-20 12:44 ]
(C) 1996 ~ 2017 QAOS.com All rights reserved.