프로그램분석

Code : Nq4BvbZWOUgTeptGbw3vkCDfVBXj12v1Bx852JVLs2brL5LIyTCj8A==

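프로세스 천국 2013. 9. 16. 18:40

아래 목록은 태그로 보아 실행 중인 프로세스([00-PROCESS]), HKCU/HKLM 자동 실행 레지스트리 항목([01-HKCUREG], [02-HKLMREG]), 브라우저 도우미 개체([03-BHOCLSD]), 툴바([04-TOOLBAR]), 서비스([05-SERVICE])를 나열한 점검 로그로 보입니다. 검토할 때 우선 확인할 항목은 세 가지입니다. 첫째, CTFMON 자동 실행 값이 wscript.exe /E:vbs 로 C:\WINDOWS\system32\winjpg.jpg 를 실행합니다(확장자는 이미지이지만 VBScript로 해석됨). 둘째, regdiit 값이 실행 중인 C:\WINDOWS\Explorer.EXE 가 아니라 C:\WINDOWS\system32\Explorer.exe 를 가리킵니다. 셋째, 무작위 문자열 이름의 서비스 여러 개가 svchost.exe 를 통해 *.dll.old 파일을 로드하도록 등록되어 있습니다.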

[00-PROCESS]**AdobeARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[00-PROCESS]**alg -/- C:\WINDOWS\System32\alg.exe
[00-PROCESS]**aspnet_state -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[00-PROCESS]**chrome -/- C:\Program Files\Google\Chrome\Application\chrome.exe
[00-PROCESS]**cisvc -/- C:\WINDOWS\system32\cisvc.exe
[00-PROCESS]**clipsrv -/- C:\WINDOWS\system32\clipsrv.exe
[00-PROCESS]**CodeMeter -/- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
[00-PROCESS]**csrss -/- C:\WINDOWS\system32\csrss.exe
[00-PROCESS]**ctfmon -/- C:\WINDOWS\system32\ctfmon.exe
[00-PROCESS]**dllhost -/- C:\WINDOWS\system32\dllhost.exe
[00-PROCESS]**dmadmin -/- C:\WINDOWS\System32\dmadmin.exe
[00-PROCESS]**Explorer -/- C:\WINDOWS\Explorer.EXE
[00-PROCESS]**firefox -/- C:\Program Files\Mozilla Firefox\firefox.exe
[00-PROCESS]**googletalk -/- C:\Program Files\Google\Google Talk\googletalk.exe
[00-PROCESS]**GoogleUpdate -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[00-PROCESS]**GROOVE -/- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
[00-PROCESS]**HDeck -/- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
[00-PROCESS]**hkcmd -/- C:\WINDOWS\system32\hkcmd.exe
[00-PROCESS]**HPZipm12 -/- C:\WINDOWS\system32\HPZipm12.exe
[00-PROCESS]**iexplore -/- C:\Program Files\Internet Explorer\iexplore.exe
[00-PROCESS]**igfxpers -/- C:\WINDOWS\system32\igfxpers.exe
[00-PROCESS]**igfxtray -/- C:\WINDOWS\system32\igfxtray.exe
[00-PROCESS]**imapi -/- C:\WINDOWS\system32\imapi.exe
[00-PROCESS]**jqs -/- C:\Program Files\Java\jre7\bin\jqs.exe
[00-PROCESS]**jusched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[00-PROCESS]**KaraokeSer -/- C:\WINDOWS\system32\KaraokeSer.exe
[00-PROCESS]**LiveZilla -/- C:\Program Files\LiveZilla\LiveZilla.exe
[00-PROCESS]**LMIGuardianSvc -/- C:\Program Files\LogMeIn Rescue Technician Console\LogMeInRescueTechnicianConsole_x86\LMIGuardianSvc.exe
[00-PROCESS]**LMIRTechConsole -/- C:\Program Files\LogMeIn Rescue Technician Console\LogMeInRescueTechnicianConsole_x86\LMIRTechConsole.exe
[00-PROCESS]**LMS -/- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[00-PROCESS]**locator -/- C:\WINDOWS\system32\locator.exe
[00-PROCESS]**lsass -/- C:\WINDOWS\system32\lsass.exe
[00-PROCESS]**maintenanceservice -/- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
[00-PROCESS]**mbamgui -/- C:\Program Files\Malwarebytes Anti-Malware\mbamgui.exe
[00-PROCESS]**mbamscheduler -/- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
[00-PROCESS]**mbamservice -/- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
[00-PROCESS]**mnmsrvc -/- C:\WINDOWS\system32\mnmsrvc.exe
[00-PROCESS]**MSASCui -/- C:\Program Files\Windows Defender\MSASCui.exe
[00-PROCESS]**MSASCui -/- C:\Program Files\Windows Defender\MSASCui.exe
[00-PROCESS]**mscorsvw -/- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00-PROCESS]**msdtc -/- C:\WINDOWS\system32\msdtc.exe
[00-PROCESS]**msiexec -/- C:\WINDOWS\system32\msiexec.exe
[00-PROCESS]**msmsgs -/- C:\Program Files\Messenger\msmsgs.exe
[00-PROCESS]**MSOSYNC -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[00-PROCESS]**netdde -/- C:\WINDOWS\system32\netdde.exe
[00-PROCESS]**Notification -/- C:\Documents and Settings\Administrator\Qtrax\Player\Notification.exe
[00-PROCESS]**ONENOTEM -/- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[00-PROCESS]**OSE -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[00-PROCESS]**OSPPSVC -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[00-PROCESS]**quickphrase -/- C:\Program Files\TypingMaster\quickphrase\quickphrase.exe
[00-PROCESS]**rsvp -/- C:\WINDOWS\system32\rsvp.exe
[00-PROCESS]**SCardSvr -/- C:\WINDOWS\System32\SCardSvr.exe
[00-PROCESS]**services -/- C:\WINDOWS\system32\services.exe
[00-PROCESS]**sessmgr -/- C:\WINDOWS\system32\sessmgr.exe
[00-PROCESS]**smlogsvc -/- C:\WINDOWS\system32\smlogsvc.exe
[00-PROCESS]**smss -/- C:\WINDOWS\System32\smss.exe
[00-PROCESS]**spoolsv -/- C:\WINDOWS\system32\spoolsv.exe
[00-PROCESS]**svchost -/- C:\WINDOWS\system32\svchost.exe
[00-PROCESS]**TeamViewer_Service -/- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
[00-PROCESS]**tlntsvr -/- C:\WINDOWS\system32\tlntsvr.exe
[00-PROCESS]**ups -/- C:\WINDOWS\System32\ups.exe
[00-PROCESS]**vssvc -/- C:\WINDOWS\System32\vssvc.exe
[00-PROCESS]**winlogon -/- C:\WINDOWS\system32\winlogon.exe
[00-PROCESS]**WINWORD -/- C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
[00-PROCESS]**wmiapsrv -/- C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00-PROCESS]**wmiprvse -/- C:\WINDOWS\system32\wbem\wmiprvse.exe
[00-PROCESS]**wscript -/- C:\WINDOWS\system32\wscript.exe
[00-PROCESS]**x-lite -/- C:\Program Files\CounterPath\X-Lite\x-lite.exe
[01-HKCUREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[01-HKCUREG]**CTFMON -/- C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg
[01-HKCUREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[01-HKCUREG]**eyeBeam SIP Client -/- C:\Program Files\CounterPath\X-Lite\x-lite.exe
[01-HKCUREG]**googletalk -/- C:\Program Files\Google\Google Talk\googletalk.exe /autostart
[01-HKCUREG]**HDAudDeck -/- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
[01-HKCUREG]**HotKeysCmds -/- C:\WINDOWS\system32\hkcmd.exe
[01-HKCUREG]**IgfxTray -/- C:\WINDOWS\system32\igfxtray.exe
[01-HKCUREG]**LiveZilla -/- C:\Program Files\LiveZilla\LiveZilla.exe -minimize
[01-HKCUREG]**MSMSGS -/- C:\Program Files\Messenger\msmsgs.exe /background
[01-HKCUREG]**OfficeSyncProcess -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[01-HKCUREG]**Persistence -/- C:\WINDOWS\system32\igfxpers.exe
[01-HKCUREG]**QtraxNotification -/- C:\Documents and Settings\Administrator\Qtrax\Player\Notification.exe
[01-HKCUREG]**QuickPhrase -/- C:\Program Files\TypingMaster\quickphrase\quickphrase.exe
[01-HKCUREG]**regdiit -/- C:\WINDOWS\system32\Explorer.exe
[01-HKCUREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[01-HKCUREG]**uTorrent -/- C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe  /MINIMIZED
[01-HKCUREG]**Windows Defender -/- C:\Program Files\Windows Defender\MSASCui.exe  
[02-HKLMREG]**Adobe ARM -/- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[02-HKLMREG]**CTFMON -/- C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg
[02-HKLMREG]**ctfmon.exe -/- C:\WINDOWS\system32\ctfmon.exe
[02-HKLMREG]**eyeBeam SIP Client -/- C:\Program Files\CounterPath\X-Lite\x-lite.exe
[02-HKLMREG]**googletalk -/- C:\Program Files\Google\Google Talk\googletalk.exe /autostart
[02-HKLMREG]**HDAudDeck -/- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
[02-HKLMREG]**HotKeysCmds -/- C:\WINDOWS\system32\hkcmd.exe
[02-HKLMREG]**IgfxTray -/- C:\WINDOWS\system32\igfxtray.exe
[02-HKLMREG]**LiveZilla -/- C:\Program Files\LiveZilla\LiveZilla.exe -minimize
[02-HKLMREG]**MSMSGS -/- C:\Program Files\Messenger\msmsgs.exe /background
[02-HKLMREG]**OfficeSyncProcess -/- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
[02-HKLMREG]**Persistence -/- C:\WINDOWS\system32\igfxpers.exe
[02-HKLMREG]**QtraxNotification -/- C:\Documents and Settings\Administrator\Qtrax\Player\Notification.exe
[02-HKLMREG]**QuickPhrase -/- C:\Program Files\TypingMaster\quickphrase\quickphrase.exe
[02-HKLMREG]**regdiit -/- C:\WINDOWS\system32\Explorer.exe
[02-HKLMREG]**SunJavaUpdateSched -/- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[02-HKLMREG]**uTorrent -/- C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe  /MINIMIZED
[02-HKLMREG]**Windows Defender -/- C:\Program Files\Windows Defender\MSASCui.exe  
[03-BHOCLSD]**Groove GFS Browser Helper -/- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL -/- {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
[03-BHOCLSD]**Java(tm) Plug-In 2 SSV Helper -/- C:\Program Files\Java\jre7\bin\jp2ssv.dll -/- {DBC80044-A445-435b-BC74-9C25C1C588A9}
[03-BHOCLSD]**Java(tm) Plug-In SSV Helper -/- C:\Program Files\Java\jre7\bin\ssv.dll -/- {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
[03-BHOCLSD]**N.A -/- N.A -/- {7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[03-BHOCLSD]**Office Document Cache Handler -/- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL -/- {B4F3A835-0E21-4959-BA22-42B3008E02FF}
[04-TOOLBAR]**N.A -/- N.A -/- 10
[05-SERVICE]**btpodaoh -/- Network System -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\qgtwnj.dll.old
[05-SERVICE]**cgfrgsqj -/- Driver Support -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\jlqbmrq.dll.old
[05-SERVICE]**CodeMeter.exe -/- CodeMeter Runtime Server -/- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
[05-SERVICE]**dicwzfkt -/- Universal Security -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\ufxmtkn.dll.old
[05-SERVICE]**gexpaaw -/- Server Config -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\ufxmtkn.dll.old
[05-SERVICE]**gupdate -/- Google Update Service (gupdate) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**gupdatem -/- Google Update Service (gupdatem) -/- C:\Program Files\Google\Update\GoogleUpdate.exe
[05-SERVICE]**hpdfkawol -/- Image Boot -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\jlqbmrq.dll.old
[05-SERVICE]**JavaQuickStarterService -/- Java Quick Starter -/- C:\Program Files\Java\jre7\bin\jqs.exe -service -config C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf
[05-SERVICE]**KaraokeService -/- VIA Karaoke digital mixer Service -/- C:\WINDOWS\system32\KaraokeSer.exe
[05-SERVICE]**LMS -/- Intel(R) Management and Security Application Local Management Service -/- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[05-SERVICE]**MBAMScheduler -/- MBAMScheduler -/- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
[05-SERVICE]**MBAMService -/- MBAMService -/- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
[05-SERVICE]**Microsoft SharePoint Workspace Audit Service -/- Microsoft SharePoint Workspace Audit Service -/- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
[05-SERVICE]**MozillaMaintenance -/- Mozilla Maintenance Service -/- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
[05-SERVICE]**muwlgjnqj -/- Update Support -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\ufxmtkn.dll.old
[05-SERVICE]**mykxssfr -/- Universal System -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\yxdvzszl.dll.old
[05-SERVICE]**napagent -/- Network Access Protection Agent -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\qagentrt.dll
[05-SERVICE]**ose -/- Office  Source Engine -/- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
[05-SERVICE]**osppsvc -/- Office Software Protection Platform -/- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
[05-SERVICE]**Pml Driver HPZ12 -/- Pml Driver HPZ12 -/- C:\WINDOWS\system32\HPZipm12.exe
[05-SERVICE]**rbahhca -/- Installer Monitor -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\jlqbmrq.dll.old
[05-SERVICE]**TeamViewer8 -/- TeamViewer 8 -/- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
[05-SERVICE]**vwtqidh -/- sasxkewbx -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\vvdbtzk.dll.old
[05-SERVICE]**whugl -/- Center Helper -/- C:\WINDOWS\system32\svchost.exe -/- C:\WINDOWS\system32\jlqbmrq.dll.old
[05-SERVICE]**ynmbzfler -/- Universal Server -/- C:\WINDOWS\System32\svchost.exe -/- C:\WINDOWS\System32\xmlprov.dll
[05-SERVICE]**zxafarix -/- Driver Task -/- C:\WINDOWS\system32\svchost.exe -/- C:\Program Files\Internet Explorer\qgtwnj.dll.old