프로그램분석

Code : sFkYkTWSE7wkiWsj/RPrlZ0Ig9CGn+wYvn2iRvGD9rU=

프로세스 천국 2013. 4. 2. 10:17

[00-PROCESS]**bronstab -/- C:\WINDOWS\ShellNew\bronstab.exe
[00-PROCESS]**chrome -/- C:\Program Files\Google\Chrome\Application\chrome.exe
[00-PROCESS]**FlashPlayerUpdateService -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00-PROCESS]**fsssvc -/- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GrooveAuditService -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[00-PROCESS]**GrooveMonitor -/- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[00-PROCESS]**msnmsgr -/- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[00-PROCESS]**nvsvc32 -/- C:\WINDOWS\system32\nvsvc32.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**RTHDCPL -/- C:\WINDOWS\RTHDCPL.EXE
[00-PROCESS]**RUNDLL32 -/- C:\WINDOWS\system32\RUNDLL32.EXE
[00-PROCESS]**Skype -/- C:\Program Files\Skype\Phone\Skype.exe
[00-PROCESS]**smss -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\smss.exe
[00-PROCESS]**TeamViewer_Service -/- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
[00-PROCESS]**ts3client_win32 -/- C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
[00-PROCESS]**Updater -/- C:\Program Files\Skype\Updater\Updater.exe
[00-PROCESS]**WinRAR -/- C:\Program Files\WinRAR\WinRAR.exe
[00-PROCESS]**wuactlyx -/- C:\WINDOWS\wuactlyx.exe
[00-PROCESS]**XP-CBC2FA8B -/- C:\WINDOWS\system32\XP-CBC2FA8B.EXE
[01-HKCUREG]**Alcmtr -/- ALCMTR.EXE
[01-HKCUREG]**Barsaka -/- explorer.exe
[01-HKCUREG]**Bron-Spizaetus -/- C:\WINDOWS\ShellNew\bronstab.exe
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**GrooveMonitor -/- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[01-HKCUREG]**KernelFaultCheck -/- C:\WINDOWS\system32\dumprep 0 -k
[01-HKCUREG]**msnmsgr -/- C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background
[01-HKCUREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[01-HKCUREG]**NvMediaCenter -/- RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[01-HKCUREG]**nwiz -/- nwiz.exe /install
[01-HKCUREG]**RTHDCPL -/- RTHDCPL.EXE
[01-HKCUREG]**run32 -/- C:\Win\lsass.exe
[01-HKCUREG]**Skype -/- C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun
[01-HKCUREG]**Tok-Cirrhatus -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\smss.exe
[01-HKCUREG]**wuactlyx -/- C:\WINDOWS\wuactlyx.exe
[01-HKCUREG]**XP-CBC2FA8B -/- C:\WINDOWS\system32\XP-CBC2FA8B.EXE
[02-HKLMREG]**Alcmtr -/- ALCMTR.EXE
[02-HKLMREG]**Barsaka -/- explorer.exe
[02-HKLMREG]**Bron-Spizaetus -/- C:\WINDOWS\ShellNew\bronstab.exe
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**GrooveMonitor -/- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[02-HKLMREG]**KernelFaultCheck -/- C:\WINDOWS\system32\dumprep 0 -k
[02-HKLMREG]**msnmsgr -/- C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background
[02-HKLMREG]**NvCplDaemon -/- RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[02-HKLMREG]**NvMediaCenter -/- RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[02-HKLMREG]**nwiz -/- nwiz.exe /install
[02-HKLMREG]**RTHDCPL -/- RTHDCPL.EXE
[02-HKLMREG]**run32 -/- C:\Win\lsass.exe
[02-HKLMREG]**Skype -/- C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun
[02-HKLMREG]**Tok-Cirrhatus -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\smss.exe
[02-HKLMREG]**wuactlyx -/- C:\WINDOWS\wuactlyx.exe
[02-HKLMREG]**XP-CBC2FA8B -/- C:\WINDOWS\system32\XP-CBC2FA8B.EXE
[03-BHOCLSD]**{2b9f8eac-9ea3-4add-b3af-3c30c3b24895} -/- C:\Documents and Settings\Administrator\Application Data\Kurulum\Kurulum.dll
[03-BHOCLSD]**{5C255C8A-E604-49b4-9D64-90988571CECB} -/- N.A
[03-BHOCLSD]**{72853161-30C5-4D22-B7F9-0BBC1D38A37E} -/- C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
[03-BHOCLSD]**{9030D464-4C02-4ABF-8ECC-5164760863C6} -/- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[04-TOOLBAR]**{2b9f8eac-9ea3-4add-b3af-3c30c3b24895} -/- C:\Documents and Settings\Administrator\Application Data\Kurulum\Kurulum.dll
[05-SERVICE]**AdobeFlashPlayerUpdateSvc -/- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[05-SERVICE]**fsssvc -/- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[05-SERVICE]**gupdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**helpsvc -/- C:\WINDOWS\System32\svchost.exe
[05-SERVICE]**Microsoft Office Groove Audit Service -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[05-SERVICE]**napagent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**NVSvc -/- C:\WINDOWS\system32\nvsvc32.exe
[05-SERVICE]**PEVSystemStart -/- C:\ComboFix\pev.3XE EXEC
[05-SERVICE]**SkypeUpdate -/- C:\Program Files\Skype\Updater\Updater.exe
[05-SERVICE]**TeamViewer8 -/- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
[05-SERVICE]**TermService -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\termsrv.dll