Code : 2HVcrRSkl2W6LSlCyPptB1Gd6Ufgi1FpGcZluVc6BIiJc/9sY1ewpw==

프로그램분석

Code : 2HVcrRSkl2W6LSlCyPptB1Gd6Ufgi1FpGcZluVc6BIiJc/9sY1ewpw==

프로세스 천국 2013. 6. 27. 19:03

[00-PROCESS]**24naq -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-46689\24naq.exe
[00-PROCESS]**2D4C -/- C:\Users\Administrator\AppData\Roaming\2D4C.exe
[00-PROCESS]**8F46 -/- C:\Users\Administrator\AppData\Roaming\8F46.exe
[00-PROCESS]**AdobeARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[00-PROCESS]**armsvc -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[00-PROCESS]**avgidsagent -/- C:\Program Files\AVG\AVG2013\avgidsagent.exe
[00-PROCESS]**avgui -/- C:\Program Files\AVG\AVG2013\avgui.exe
[00-PROCESS]**avgwdsvc -/- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
[00-PROCESS]**BrowserProtect -/- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
[00-PROCESS]**c2gbsf9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-95590\c2gbsf9.exe
[00-PROCESS]**cafef9 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-15555590\cafef9.exe
[00-PROCESS]**chrome -/- C:\Program Files\Google\Chrome\Application\chrome.exe
[00-PROCESS]**Denzi -/- C:\Program Files\Denzi\Denzi.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GrooveAuditService -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[00-PROCESS]**GrooveMonitor -/- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[00-PROCESS]**Ldgygj -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Ldgygj.exe
[00-PROCESS]**mspaint -/- C:\Windows\system32\mspaint.exe
[00-PROCESS]**ODSERV -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[00-PROCESS]**ONENOTEM -/- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**p444y129 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-15559\p444y129.exe
[00-PROCESS]**proxzy12 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17251\proxzy12.exe
[00-PROCESS]**proxzy13 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17253\proxzy13.exe
[00-PROCESS]**proxzy14 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17254\proxzy14.exe
[00-PROCESS]**proxzy15 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17255\proxzy15.exe
[00-PROCESS]**rundll32 -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Office\rundll32.exe
[00-PROCESS]**SMSvcHost -/- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
[00-PROCESS]**wmpnetwk -/- C:\Program Files\Windows Media Player\wmpnetwk.exe
[01-HKCUREG]**2gbs29dd -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-95590\c2gbsf9.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**AVG_UI -/- C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY
[01-HKCUREG]**ca40229dd -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-15555590\cafef9.exe
[01-HKCUREG]**Denzi -/- C:\Program Files\Denzi\Denzi.exe
[01-HKCUREG]**GrooveMonitor -/- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[01-HKCUREG]**Ldgygj -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Ldgygj.exe
[01-HKCUREG]**Microsoft Windows -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Office\rundll32.exe
[01-HKCUREG]**Msn Messsenger -/- C:\Users\Administrator\AppData\Roaming\regsvr.exe
[01-HKCUREG]**p4440229 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-15559\p444y129.exe
[01-HKCUREG]**proxzy022 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17251\proxzy12.exe
[01-HKCUREG]**proxzy023 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17253\proxzy13.exe
[01-HKCUREG]**proxzy024 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17254\proxzy14.exe
[01-HKCUREG]**proxzy025 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17255\proxzy15.exe
[01-HKCUREG]**Screen Saver Pro 3.1 -/- C:\Users\Administrator\AppData\Roaming\ScreenSaverPro.scr
[01-HKCUREG]**t4q -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-46689\24naq.exe
[01-HKCUREG]**Yahoo Messsenger -/- C:\Users\Administrator\AppData\Roaming\support\svchost.exe
[02-HKLMREG]**2gbs29dd -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-95590\c2gbsf9.exe
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**AVG_UI -/- C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY
[02-HKLMREG]**ca40229dd -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-15555590\cafef9.exe
[02-HKLMREG]**Denzi -/- C:\Program Files\Denzi\Denzi.exe
[02-HKLMREG]**GrooveMonitor -/- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[02-HKLMREG]**Ldgygj -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Ldgygj.exe
[02-HKLMREG]**Microsoft Windows -/- C:\Users\Administrator\AppData\Roaming\Microsoft\Office\rundll32.exe
[02-HKLMREG]**Msn Messsenger -/- C:\Users\Administrator\AppData\Roaming\regsvr.exe
[02-HKLMREG]**p4440229 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-15559\p444y129.exe
[02-HKLMREG]**proxzy022 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17251\proxzy12.exe
[02-HKLMREG]**proxzy023 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17253\proxzy13.exe
[02-HKLMREG]**proxzy024 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17254\proxzy14.exe
[02-HKLMREG]**proxzy025 -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-17255\proxzy15.exe
[02-HKLMREG]**Screen Saver Pro 3.1 -/- C:\Users\Administrator\AppData\Roaming\ScreenSaverPro.scr
[02-HKLMREG]**t4q -/- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-46689\24naq.exe
[02-HKLMREG]**Yahoo Messsenger -/- C:\Users\Administrator\AppData\Roaming\support\svchost.exe
[03-BHOCLSD]**Adobe PDF Link Helper -/- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll -/- {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
[03-BHOCLSD]**DealPly -/- C:\Program Files\DealPly\DealPlyIE.dll -/- {EF7BD87A-8024-11E2-F316-F3E56188709B}
[03-BHOCLSD]**delta Helper Object -/- C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll -/- {C1AF5FA5-852C-4C90-812E-A7F75E011D87}
[03-BHOCLSD]**Groove GFS Browser Helper -/- C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL -/- {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
[04-TOOLBAR]**Delta Toolbar -/- C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll -/- {82E1477C-B154-48D3-9891-33D83C26BCD3}
[05-SERVICE]**AdobeARMservice -/- Adobe Acrobat Update Service -/- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[05-SERVICE]**AVGIDSAgent -/- AVGIDSAgent -/- C:\Program Files\AVG\AVG2013\avgidsagent.exe
[05-SERVICE]**avgwd -/- AVG WatchDog -/- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
[05-SERVICE]**BrowserProtect -/- BrowserProtect -/- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
[05-SERVICE]**gupdate -/- Google Update Service (gupdate) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- Google Update Service (gupdatem) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**lmhosts -/- TCP/IP NetBIOS Helper -/- C:\Windows\system32\svchost.exe -/- C:\Windows\System32\lltdsvc.dll
[05-SERVICE]**Microsoft Office Groove Audit Service -/- Microsoft Office Groove Audit Service -/- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
[05-SERVICE]**NlaSvc -/- Network Location Awareness -/- C:\Windows\System32\svchost.exe
[05-SERVICE]**nsi -/- Network Store Interface Service -/- C:\Windows\system32\svchost.exe
[05-SERVICE]**odserv -/- Microsoft Office Diagnostics Service -/- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
[05-SERVICE]**ose -/- Office Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE