-moc nerozumim pocitacum
-nejede mi internet-pise ze mam spam v pocitaci
-NOD32 uklada porad neco do karanteny
-rikam, moc tomu nerozumim tak prosim uplne polopatycky,dekuji
log:
Windows XP SP 2 (build 2600)
Boot Mode: Normal
Microsoft files verification: Yes
Whitelist: Yes
Internet Explorer v6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Log generated:26.1.2010 20:50:11
================================================================
SmallARK
================================================================
Running processes
================================================================
C:\DOCUMENTS AND SETTINGS\TOB\EPDRVH.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP QUICK LAUNCH BUTTONS\QLBCTRL.EXE
C:\WINDOWS\SYSTEM32\ICO.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\ESET\NOD32KUI.EXE
C:\PROGRAM FILES\SAMSUNG\SAMSUNG MEDIA STUDIO 5\SMSTRAY.EXE
C:\PROGRAM FILES\MARKANY\CONTENTSAFER\MAAGENT.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JUSCHED.EXE
C:\PROGRAM FILES\KAT MP3 RECORDER\KAT MP3 RECORDER.EXE
C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LIGHTSCRIBECONTROLPANEL.EXE
C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 3\AWC.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PAVILION WEBCAM\HPWEBCAM.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE
C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE
C:\PROGRAM FILES\ESET\NOD32KRN.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\SHARED\HPQWMIEX.EXE
C:\PROGRAM FILES\ESET\NOD32.EXE
Scanner
================================================================
[?] epdrvh.exe
Without manufacturer
Startup entry HKLM Userinit [Userinit]
Module faked path: (00400000) C:\Documents and Settings\Tob\epdrvh.exe
No window
File 14%
[S] explorer.exe
Startup entry HKLM Winlogon [Shell]
[S] rundll32.exe
Startup entry HKLM Run [NvCplDaemon]
[?] QLBCTRL.exe
Startup entry HKLM Run [QlbCtrl.exe]
File 7%
[?] ICO.EXE
Non Microsoft in System32:
Startup entry HKLM Run [Mouse Suite 98 Daemon]
[?] winampa.exe
Without manufacturer
Startup entry HKLM Run [WinampAgent]
File 25%
[?] nod32kui.exe
Startup entry HKLM Run [nod32kui]
File 14%
[?] SMSTray.exe
Startup entry HKLM Run [SMSTray]
File 7%
[?] MaAgent.exe
Startup entry HKLM Run [MAAgent]
File 14%
[S] rundll32.exe
Startup entry HKLM Run [NvCplDaemon]
[?] jusched.exe
Startup entry HKLM Run [SunJavaUpdateSched]
No window
File 7%
[?] Kat MP3 Recorder.exe
Without manufacturer
Startup entry HKLM Run [PATHPILOT]
File 12%
[S] ctfmon.exe
Startup entry HKCU Run [CTFMON.EXE]
[S] msmsgs.exe
Startup entry HKCU Run [MSMSGS]
[?] LightScribeControlPanel.exe
Startup entry HKCU Run [LightScribe Control Panel]
File 14%
[?] AWC.exe
Startup entry HKCU Run [Advanced SystemCare 3]
EntryPoint in section: CODE
|_ Section count: 8
File 63%
[?] HPWebcam.exe
Startup entry Startup []
File 14%
[?] jqs.exe
No window
File 7%
[?] LSSrvc.exe
No window
File 7%
[?] nod32krn.exe
File 7%
[?] nvsvc32.exe
Non Microsoft in System32:
[?] hpqWmiEx.exe
No window
File 7%
[?] nod32.exe
File 7%
Startup
================================================================
HKCU Run
|_ [S][MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background
|_ [?][LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
|_ [!][Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe /startup
HKLM Run
|_ [?][hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
|_ [?][NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll ,NvStartup
|_ [?][NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll ,NvTaskbarInit
|_ [?][nwiz] nwiz.exe /installquiet /nodetect
|_ [?][SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
|_ [?][QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
|_ [?][Mouse Suite 98 Daemon] C:\WINDOWS\system32\ICO.EXE
|_ [?][WinampAgent] C:\Program Files\Winamp\winampa.exe
|_ [?][nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
|_ [?][SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
|_ [?][MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
|_ [?][Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
|_ [?][QuickTime Task] C:\Program Files\QuickTime\qttask.exe -atboottime
|_ [X][LaunchList] C:\Program Files\Pinnacle\Studio 9\LaunchList.exe (File not found)
|_ [?][SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
|_ [?][High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\CHDAudPropShortcut.exe
|_ [?][PATHPILOT] C:\Program Files\Kat MP3 Recorder\Kat MP3 Recorder.exe
|_ [?][AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin
|_ [?][jwm] C:\WINDOWS\system32\jwm.exe \u
HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (File not found)
|_ [?][{10880D85-AAD9-4558-ABDC-2AB1552D831F}] C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
HKLM Userinit
|_ [?][Userinit] C:\Documents and Settings\Tob\epdrvh.exe \s
Startup
|_ C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
|_ C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
|_ C:\Program Files\Microsoft Office\Office10\OSA.EXE
Job
|_ [?][APPLES~1.JOB] C:\Program Files\Apple Software Update\SoftwareUpdate.exe
HKLM BHO
|_ [?][{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
|_ [?][{2bae58c2-79f9-45d1-a286-81f911301c3a}] C:\Program Files\P2P_Energy\tbP2P_.dll
|_ [!][{53707962-6F74-2D53-2644-206D7942484F}] C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
|_ [?][{DBC80044-A445-435b-BC74-9C25C1C588A9}] C:\Program Files\Java\jre6\bin\jp2ssv.dll
|_ [?][{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
HKCU IE WebBrowser Toolbar
|_ [X][{A057A204-BACC-4D26-9990-79A187E2698E}] (File not found)
|_ [?][{2BAE58C2-79F9-45D1-A286-81F911301C3A}] C:\Program Files\P2P_Energy\tbP2P_.dll
HKLM IE Toolbar
|_ [?][{2bae58c2-79f9-45d1-a286-81f911301c3a}] C:\Program Files\P2P_Energy\tbP2P_.dll
Services (Display running: True, Display stopped: False, Display safe: False)
================================================================
[?] hpqwmiex
|_ Path: C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
| |_ Manufacturer: Hewlett-Packard Development Company, L.P.
| |_ Description: hpqwmiex Module
| |_ MD5: 04C1DCBB226C6AE647B794833CE3CEB6
|
|_ Name: hpqwmiex
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency: RPCSS
[X] Java Quick Starter
|_ Path: C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
| |_ Manufacturer:
| |_ Description:
| |_ MD5:
|
|_ Name: JavaQuickStarterService
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency:
[?] LightScribeService Direct Disc Labeling Service
|_ Path: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
| |_ Manufacturer: Hewlett-Packard Company
| |_ Description: LightScribe Service
| |_ MD5: 53710476495886D9961BE46983A6A33F
|
|_ Name: LightScribeService
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency:
[?] NOD32 Kernel Service
|_ Path: C:\Program Files\Eset\nod32krn.exe
| |_ Manufacturer: Eset
| |_ Description: NOD32 Kernel Service
| |_ MD5: 7DA9D9593081CB76FCCDAB3F14438370
|
|_ Name: NOD32krn
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type:
|_ Dependency:
[?] NVIDIA Display Driver Service
|_ Path: C:\WINDOWS\System32\nvsvc32.exe
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA Driver Helper Service, Version 86.02
| |_ MD5: 6D88C26BF33D2B8404F01CECBDD47D3A
|
|_ Name: NVSvc
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency:
Drivers (Display running: True, Display stopped: False, Display safe: False)
================================================================
[?] adfs
|_ Path: C:\WINDOWS\system32\drivers\adfs.sys
| |_ Manufacturer: Adobe Systems, Inc.
| |_ Description: Adobe Drive File System Driver
| |_ MD5: 6D7F09CD92A9FEF3A8EFCE66231FDD79
|
|_ Name: adfs
|_ StartName:
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] AMON
|_ Path: C:\WINDOWS\system32\drivers\amon.sys
| |_ Manufacturer: Eset
| |_ Description: Amon monitor
| |_ MD5: 687C3F2E78AEB209ADE1CC265A2560BB
|
|_ Name: AMON
|_ StartName:
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] HBtnKey
|_ Path: C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
| |_ Manufacturer: Hewlett-Packard Development Company, L.P.
| |_ Description: HP Tablet PC Key Button HID Driver
| |_ MD5: DE15777902A5D9121857D155873A1D1B
|
|_ Name: HBtnKey
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] Microsoft UAA Function Driver for High Definition Audio Service
|_ Path: C:\WINDOWS\system32\drivers\CHDAud.sys
| |_ Manufacturer: Conexant Systems Inc.
| |_ Description: High Definition Audio Function Driver
| |_ MD5: 4905D28AA09F63E6A2F4E93ED6DD7D19
|
|_ Name: HdAudAddService
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] HpqKbFilter Driver
|_ Path: C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys
| |_ Manufacturer: Hewlett-Packard Development Company, L.P.
| |_ Description: HpqKbFiltr Keyboard Filter Driver
| |_ MD5: 35956140E686D53BF676CF0C778880FC
|
|_ Name: HpqKbFiltr
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] HSFHWAZL
|_ Path: C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
| |_ Manufacturer: Conexant Systems, Inc.
| |_ Description: HSF_HWAZL WDM driver
| |_ MD5: 8E60293C44E3F6F7F09DEFB60023A37D
|
|_ Name: HSFHWAZL
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] HSF_DPV
|_ Path: C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
| |_ Manufacturer: Conexant Systems, Inc.
| |_ Description: HSF_DP driver
| |_ MD5: 4C2AAB15AD6229134F70E5C950E6185C
|
|_ Name: HSF_DPV
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] nod32drv
|_ Path: C:\WINDOWS\system32\drivers\nod32drv.sys
| |_ Manufacturer:
| |_ Description:
| |_ MD5: B4EA8CBA9A69D0921B7BD89C8CF9E032
|
|_ Name: nod32drv
|_ StartName:
|_ Startup type: System Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] nv
|_ Path: C:\WINDOWS\System32\DRIVERS\nv4_mini.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA Compatible Windows 2000 Miniport Driver, Version 86.02
| |_ MD5: 59E5D945934EC2E7EAA22AF81813DABF
|
|_ Name: nv
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] nvata
|_ Path: C:\WINDOWS\system32\DRIVERS\nvata.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA® nForce(TM) IDE Performance Driver
| |_ MD5: 3AC5EEDD35B7437D53960F3998BFA462
|
|_ Name: nvata
|_ StartName:
|_ Startup type: Boot Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] nvatabus
|_ Path: C:\WINDOWS\system32\DRIVERS\nvatabus.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA® nForce(TM) IDE Performance Driver
| |_ MD5: 3AC5EEDD35B7437D53960F3998BFA462
|
|_ Name: nvatabus
|_ StartName:
|_ Startup type: Boot Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] NVIDIA nForce Networking Controller Driver
|_ Path: C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA Networking Function Driver.
| |_ MD5: 22EEDB34C4D7613A25B10C347C6C4C21
|
|_ Name: NVENETFD
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] NVIDIA Network Bus Enumerator
|_ Path: C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA Networking Bus Driver.
| |_ MD5: 5E3F6AD5CAD0F12D3CCCD06FD964087A
|
|_ Name: nvnetbus
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] nvsmu
|_ Path: C:\WINDOWS\system32\DRIVERS\nvsmu.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA® nForce(TM) SMU Microcontroller Driver
| |_ MD5: E0F76FAB86FEC98778047D0C7C39CBB9
|
|_ Name: nvsmu
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] PxHelp20
|_ Path: C:\WINDOWS\System32\Drivers\PxHelp20.sys
| |_ Manufacturer: Sonic Solutions
| |_ Description: Px Engine Device Driver for Windows 2000/XP
| |_ MD5: 153D02480A0A2F45785522E814C634B6
|
|_ Name: PxHelp20
|_ StartName:
|_ Startup type: Boot Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] rimmptsk
|_ Path: C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
| |_ Manufacturer: REDC
| |_ Description: RICOH MMC Driver
| |_ MD5: 7A6648B61661B1421FFAB762E391E33F
|
|_ Name: rimmptsk
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] rimsptsk
|_ Path: C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
| |_ Manufacturer: REDC
| |_ Description: RICOH MS Driver
| |_ MD5: 8F7012D1B6A71EE9C23CE93DCDBF9F4B
|
|_ Name: rimsptsk
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] Ricoh xD-Picture Card Driver
|_ Path: C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
| |_ Manufacturer: REDC
| |_ Description: RICOH XD SM Driver
| |_ MD5: 3AC17802740C3A4764DC9750E92E6233
|
|_ Name: rismxdp
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] USB2.0 PC Camera (SNP2UVC)
|_ Path: C:\WINDOWS\System32\DRIVERS\snp2uvc.sys
| |_ Manufacturer:
| |_ Description: USB2.0 PC Camera driver
| |_ MD5: FAC7B89330E20713950925050C91CD04
|
|_ Name: SNP2UVC
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] Synaptics TouchPad Driver
|_ Path: C:\WINDOWS\system32\DRIVERS\SynTP.sys
| |_ Manufacturer: Synaptics, Inc.
| |_ Description: Synaptics Touchpad Driver
| |_ MD5: 0F332C0BA9B968EBC8CBB906416F8597
|
|_ Name: SynTP
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
[?] winachsf
|_ Path: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
| |_ Manufacturer: Conexant Systems, Inc.
| |_ Description: HSF_CNXT driver
| |_ MD5: E17D31CD52DCB7745AC5330EEA062D0B
|
|_ Name: winachsf
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:
lNetStat
================================================================
Type: PID Process Local <-> Remote Status
------------------------------------------------------------------------------------------
TCP (1128) svchost.exe 0.0.0.0:135 LISTENING
TCP (4) System 0.0.0.0:445 LISTENING
TCP (3352) alg.exe 127.0.0.1:1033 LISTENING
TCP (872) jqs.exe 127.0.0.1:5152 LISTENING
TCP (872) jqs.exe 127.0.0.1:5152 CLOSE_WAIT
TCP (676) mDNSResponder.exe 127.0.0.1:5354 LISTENING
TCP (4) System 172.16.114.18:139 LISTENING
TCP (552) jusched.exe 172.16.114.18:1064 <-> 92.123.65.179:80 ESTABLISHED
TCP (0) 172.16.114.18:1066 TIME_WAIT
TCP (1932) epdrvh.exe 172.16.114.18:1077 FIN_WAIT1
TCP (1932) epdrvh.exe 172.16.114.18:1099 FIN_WAIT1
TCP (0) 172.16.114.18:1100 TIME_WAIT
TCP (1932) epdrvh.exe 172.16.114.18:1102 FIN_WAIT1
TCP (1932) epdrvh.exe 172.16.114.18:1104 FIN_WAIT1
TCP (1932) epdrvh.exe 172.16.114.18:1106 FIN_WAIT1
TCP (1932) epdrvh.exe 172.16.114.18:1107 FIN_WAIT1
TCP (0) 172.16.114.18:1108 TIME_WAIT
TCP (0) 172.16.114.18:1110 TIME_WAIT
TCP (0) 172.16.114.18:1111 TIME_WAIT
TCP (0) 172.16.114.18:1112 TIME_WAIT
TCP (0) 172.16.114.18:1113 TIME_WAIT
TCP (0) 172.16.114.18:1114 TIME_WAIT
TCP (0) 172.16.114.18:1115 TIME_WAIT
TCP (0) 172.16.114.18:1116 TIME_WAIT
TCP (0) 172.16.114.18:1117 TIME_WAIT
TCP (0) 172.16.114.18:1118 TIME_WAIT
TCP (0) 172.16.114.18:1119 TIME_WAIT
TCP (0) 172.16.114.18:1120 TIME_WAIT
TCP (0) 172.16.114.18:1121 TIME_WAIT
TCP (0) 172.16.114.18:1122 TIME_WAIT
TCP (0) 172.16.114.18:1124 TIME_WAIT
TCP (0) 172.16.114.18:1125 TIME_WAIT
TCP (0) 172.16.114.18:1126 TIME_WAIT
TCP (0) 172.16.114.18:1127 TIME_WAIT
TCP (0) 172.16.114.18:1128 TIME_WAIT
TCP (0) 172.16.114.18:1134 TIME_WAIT
TCP (0) 172.16.114.18:1135 TIME_WAIT
TCP (1932) epdrvh.exe 172.16.114.18:1136 <-> 212.17.192.209:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1137 <-> 62.211.72.32:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1138 <-> 213.205.33.247:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1139 <-> 67.195.168.31:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1140 <-> 62.211.72.32:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1141 <-> 213.205.33.249:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1142 <-> 195.110.124.132:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1143 <-> 62.241.4.132:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1144 <-> 80.72.160.66:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1145 <-> 213.92.5.132:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1147 <-> 62.149.128.66:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1148 <-> 83.103.67.117:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1149 <-> 62.149.128.66:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1150 <-> 62.101.75.112:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1151 <-> 212.97.34.36:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1152 <-> 212.52.84.83:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1153 <-> 88.149.144.226:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1154 <-> 62.149.209.78:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1158 <-> 195.110.126.136:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1159 <-> 62.100.65.42:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1162 <-> 150.145.80.203:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1164 <-> 213.140.30.208:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1166 <-> 62.122.80.90:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1167 <-> 212.52.84.84:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1168 <-> 188.95.56.6:25 ESTABLISHED
TCP (1932) epdrvh.exe 172.16.114.18:1171 <-> 194.242.63.64:25 ESTABLISHED
UDP (4) System 0.0.0.0:445 <-> 213.92.5.132:25 ESTABLISHED
UDP (908) lsass.exe 0.0.0.0:500
UDP (676) mDNSResponder.exe 0.0.0.0:1025
UDP (1316) svchost.exe 0.0.0.0:1026
UDP (1316) svchost.exe 0.0.0.0:1047
UDP (1316) svchost.exe 0.0.0.0:1067
UDP (1316) svchost.exe 0.0.0.0:1068
UDP (1316) svchost.exe 0.0.0.0:1069
UDP (1316) svchost.exe 0.0.0.0:1070
UDP (1316) svchost.exe 0.0.0.0:1071
UDP (1316) svchost.exe 0.0.0.0:1072
UDP (1316) svchost.exe 0.0.0.0:1073
UDP (1316) svchost.exe 0.0.0.0:1074
UDP (1932) epdrvh.exe 0.0.0.0:1169
UDP (1932) epdrvh.exe 0.0.0.0:1170
UDP (1932) epdrvh.exe 0.0.0.0:1172
UDP (1932) epdrvh.exe 0.0.0.0:1175
UDP (908) lsass.exe 0.0.0.0:4500
UDP (1228) svchost.exe 127.0.0.1:123
UDP (620) AWC.exe 127.0.0.1:1058
UDP (1484) svchost.exe 127.0.0.1:1900
UDP (1228) svchost.exe 172.16.114.18:123
UDP (4) System 172.16.114.18:137
UDP (4) System 172.16.114.18:138
UDP (1484) svchost.exe 172.16.114.18:1900
UDP (676) mDNSResponder.exe 172.16.114.18:5353
Modules (Display safe: False, Only without manufacturer: True, Display registered: False)
================================================================
[?] pr_imon.dll
|_ Path: C:\Program Files\Eset\pr_imon.dll
|_ MD5: BD1DA9EA38A03F12812AD1D2258D6CC6
|_ Manufacturer:
|_ Processes
|_ lsass.exe (908)
|_ svchost.exe (1128)
|_ svchost.exe (1228)
|_ svchost.exe (1316)
|_ svchost.exe (1484)
|_ epdrvh.exe (1932)
|_ nod32kui.exe (324)
|_ jusched.exe (552)
|_ AWC.exe (620)
|_ mDNSResponder.exe (676)
|_ jqs.exe (872)
|_ nod32krn.exe (1820)
|_ alg.exe (3352)
|_ UPM.exe (3644)
[?] mdnsnsp.dll
|_ Path: C:\Program Files\Bonjour\mdnsNSP.dll
|_ MD5: 1F5A570AD942DFCFE4500326ABDD72B2
|_ Manufacturer: Apple Computer, Inc.
|_ Processes
|_ svchost.exe (1128)
|_ spoolsv.exe (1668)
|_ epdrvh.exe (1932)
|_ jusched.exe (552)
|_ AWC.exe (620)
|_ UPM.exe (3644)
[?] adobedrivecs4_np.dll
|_ Path: C:\Program Files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
|_ MD5: 185D50DA1832A734DC9826037E82BE40
|_ Manufacturer: Adobe Systems Incorporated
|_ Processes
|_ explorer.exe (1952)
[?] pdfshell.dll
|_ Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
|_ MD5: 481B9CCFE45A50085E8254C921C0AC30
|_ Manufacturer: Adobe Systems, Inc.
|_ Processes
|_ explorer.exe (1952)
[?] macsprohook.dll
|_ Path: C:\Program Files\MarkAny\ContentSafer\MaCSProHook.dll
|_ MD5: FBA0F329E428A70C04D592FE7A32F6F7
|_ Manufacturer: MarkAny Co., Ltd.
|_ Processes
|_ explorer.exe (1952)
|_ nod32kui.exe (324)
|_ SMSTray.exe (336)
|_ MaAgent.exe (344)
|_ Kat MP3 Recorder.exe (568)
|_ LightScribeControlPanel.exe (612)
|_ AWC.exe (620)
|_ nod32.exe (2944)
|_ UPM.exe (3644)
[?] macsma~1.dll
|_ Path: C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL
|_ MD5: 4B6708F7D8152508A6DD870CB2896483
|_ Manufacturer: MarkAny Cooperation.
|_ Processes
|_ explorer.exe (1952)
|_ QLBCTRL.exe (288)
[!] sdhelper.dll
|_ Path: C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
|_ MD5: 250D787A5712D7768DDC133B3E477759
|_ Manufacturer: Safer Networking Limited
|_ Processes
|_ explorer.exe (1952)
[?] nview.dll
|_ Path: C:\WINDOWS\system32\nview.dll
|_ MD5: F1A2AC2570CE0D377B3CB9C010C25562
|_ Manufacturer: ?
|_ Processes
|_ explorer.exe (1952)
|_ rundll32.exe (264)
|_ QLBCTRL.exe (288)
|_ ICO.EXE (308)
|_ winampa.exe (316)
|_ nod32kui.exe (324)
|_ SMSTray.exe (336)
|_ MaAgent.exe (344)
|_ SynTPEnh.exe (368)
|_ rundll32.exe (432)
|_ Kat MP3 Recorder.exe (568)
|_ msmsgs.exe (600)
|_ LightScribeControlPanel.exe (612)
|_ AWC.exe (620)
|_ HPWebcam.exe (664)
|_ nod32.exe (2944)
|_ UPM.exe (3644)
[?] msohev.dll
|_ Path: C:\Program Files\Microsoft Office\Office10\MSOHEV.DLL
|_ MD5: 72A0DF237F9118F18AD136E99266E816
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ explorer.exe (1952)
[?] hpqexec.dll
|_ Path: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll
|_ MD5: FC1BFC7D8973F2D9DC974286872DDDBA
|_ Manufacturer: Hewlett-Packard Company
|_ Processes
|_ QLBCTRL.exe (288)
[?] qlbservice.dll
|_ Path: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
|_ MD5: 0825D986B41670F04B105EF1EAE2F167
|_ Manufacturer: Hewlett-Packard Development Company, L.P.
|_ Processes
|_ QLBCTRL.exe (288)
[?] nod32rui.dll
|_ Path: C:\Program Files\Eset\nod32rui.dll
|_ MD5: 12D295BF4908EAD4E6293F51A5E2DD68
|_ Manufacturer:
|_ Processes
|_ nod32kui.exe (324)
[?] pr_upd.dll
|_ Path: C:\Program Files\Eset\pr_upd.dll
|_ MD5: 94A8F33694D523B23C3FF83A4EC69F5C
|_ Manufacturer:
|_ Processes
|_ nod32kui.exe (324)
|_ nod32krn.exe (1820)
[?] pu_upd.dll
|_ Path: C:\Program Files\Eset\pu_upd.dll
|_ MD5: 53A425C878F5897FE31F5720EFA8BF12
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
[?] pr_amon.dll
|_ Path: C:\Program Files\Eset\pr_amon.dll
|_ MD5: D3946C36BA5859321B27E497B265D0D7
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
|_ nod32krn.exe (1820)
[?] pu_amon.dll
|_ Path: C:\Program Files\Eset\pu_amon.dll
|_ MD5: 3402EF298CC80ED3795E260B122CD688
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
[?] pr_nod32.dll
|_ Path: C:\Program Files\Eset\pr_nod32.dll
|_ MD5: 814281B71A087C504D13B82B4719078A
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
|_ nod32krn.exe (1820)
[?] pu_nod32.dll
|_ Path: C:\Program Files\Eset\pu_nod32.dll
|_ MD5: 883485F9859D923F94A3AB01EED4D5E9
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
[?] pu_imon.dll
|_ Path: C:\Program Files\Eset\pu_imon.dll
|_ MD5: 627032330103AB6AE1871F8071C273E1
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
[?] pu_dmon.dll
|_ Path: C:\Program Files\Eset\pu_dmon.dll
|_ MD5: A676CED1F4AB1D6CD3E46B4EF43A5095
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
[?] pr_dmon.dll
|_ Path: C:\Program Files\Eset\pr_dmon.dll
|_ MD5: 199020DE1AB926767E519E46141DFA52
|_ Manufacturer:
|_ Processes
|_ nod32kui.exe (324)
|_ nod32krn.exe (1820)
[?] pu_emon.dll
|_ Path: C:\Program Files\Eset\pu_emon.dll
|_ MD5: C988E6C776D52804FFFCDE09594BD315
|_ Manufacturer: Eset
|_ Processes
|_ nod32kui.exe (324)
[?] pr_emon.dll
|_ Path: C:\Program Files\Eset\pr_emon.dll
|_ MD5: 59495F1F699F5C642A7D5F5C0A293021
|_ Manufacturer:
|_ Processes
|_ nod32kui.exe (324)
|_ nod32krn.exe (1820)
[?] smsusbinfo.dll
|_ Path: C:\Program Files\Samsung\Samsung Media Studio 5\SMSUSBInfo.dll
|_ MD5: 9FD95F670576ACCA8B005DA0C5D695C4
|_ Manufacturer: SAMSUNG ELECTRONICS
|_ Processes
|_ SMSTray.exe (336)
[?] mfc71lu.dll
|_ Path: C:\Program Files\Samsung\Samsung Media Studio 5\MFC71LU.DLL
|_ MD5: D228CC0E06BC81BE06302C4D79776F70
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ SMSTray.exe (336)
[?] usershare.dll
|_ Path: C:\Program Files\MarkAny\ContentSafer\UserShare.dll
|_ MD5: 0ECA19AD42856D19DDD1404850760B06
|_ Manufacturer: (?) ????
|_ Processes
|_ MaAgent.exe (344)
[?] madrm.dll
|_ Path: C:\WINDOWS\system32\MaDRM.dll
|_ MD5: 3527E9AD0D400DE0ED667B884715320B
|_ Manufacturer: (?)????
|_ Processes
|_ MaAgent.exe (344)
[?] nvshell.dll
|_ Path: C:\WINDOWS\system32\nvshell.dll
|_ MD5: EEC86DC07C4426947840CC4A6EF2CEC1
|_ Manufacturer: ?
|_ Processes
|_ rundll32.exe (432)
[X] lame_enc.dll
|_ Path: C:\WINDOWS\system32\lame_enc.dll
|_ MD5: 7F7C143DE633F408CEDAAE90121D0B7A
|_ Manufacturer:
|_ Processes
|_ Kat MP3 Recorder.exe (568)
[?] skincrafter3.dll
|_ Path: C:\WINDOWS\system32\SkinCrafter3.dll
|_ MD5: 54C0D3FD82470128F0084B244016EFFA
|_ Manufacturer: DMSoft Technologies
|_ Processes
|_ Kat MP3 Recorder.exe (568)
[!] audioctl.dll
|_ Path: C:\Program Files\Kat MP3 Recorder\AudioCtl.dll
|_ MD5: F21D90662A6E6996C1725421B632D1CF
|_ Manufacturer: Guangming Software
|_ Processes
|_ Kat MP3 Recorder.exe (568)
[X] stfix.dll
|_ Path: C:\Program Files\IObit\Advanced SystemCare 3\STFix.dll
|_ MD5: 4EA6455B7F9D7CE2094FC92877166AF8
|_ Manufacturer:
|_ Processes
|_ AWC.exe (620)
[X] cooltrayicon_d6plus.bpl
|_ Path: C:\Program Files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl
|_ MD5: BFCDB94D1B2DB75A6DDF5EA3B954AF87
|_ Manufacturer:
|_ Processes
|_ AWC.exe (620)
[!] routine.dll
|_ Path: C:\Program Files\IObit\Advanced SystemCare 3\Routine.dll
|_ MD5: 31ED90CBA8AE0731A8F82B86560EBD3C
|_ Manufacturer: IObit
|_ Processes
|_ AWC.exe (620)
[?] ntfsdata.dll
|_ Path: C:\Program Files\IObit\Advanced SystemCare 3\NtfsData.dll
|_ MD5: 01040451083C29A0E74DE2F80DB5C4EC
|_ Manufacturer:
|_ Processes
|_ AWC.exe (620)
[?] aspnet_perf.dll
|_ Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
|_ MD5: 4342B8AA3353862DB5ACEF3EDAA21AE3
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (872)
[?] corperfmonext.dll
|_ Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
|_ MD5: 50DC192E80EB75916A83C3191DE6A522
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (872)
[?] perfcounter.dll
|_ Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
|_ MD5: FF686302948B92CAA2358EBE27D3B96B
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (872)
[?] lssproxy.dll
|_ Path: C:\Program Files\Common Files\LightScribe\LSSProxy.dll
|_ MD5: F686D5839A3B0079D20D57FB7683880F
|_ Manufacturer: Hewlett-Packard Company
|_ Processes
|_ LSSrvc.exe (1424)
[?] lslog.dll
|_ Path: C:\Program Files\Common Files\LightScribe\LSLog.dll
|_ MD5: C227B31C13D80CBE59742B0C858CC0FA
|_ Manufacturer: Hewlett-Packard Company
|_ Processes
|_ LSSrvc.exe (1424)
[?] nod32krr.dll
|_ Path: C:\Program Files\Eset\nod32krr.dll
|_ MD5: C027C42E5BA9CDAAC00E12FA957FFBAC
|_ Manufacturer: Eset
|_ Processes
|_ nod32krn.exe (1820)
[?] ps_upd.dll
|_ Path: C:\Program Files\Eset\ps_upd.dll
|_ MD5: 635E7950179BBA54A289489B3AA4E1F9
|_ Manufacturer: Eset
|_ Processes
|_ nod32krn.exe (1820)
[?] ps_amon.dll
|_ Path: C:\Program Files\Eset\ps_amon.dll
|_ MD5: 5F96018A496CB531C147FAED673C1E5D
|_ Manufacturer: Eset
|_ Processes
|_ nod32krn.exe (1820)
[?] ps_nod32.dll
|_ Path: C:\Program Files\Eset\ps_nod32.dll
|_ MD5: 4052DA2CECB4A1216112F9D146CED795
|_ Manufacturer: Eset
|_ Processes
|_ nod32krn.exe (1820)
[?] ps_dmon.dll
|_ Path: C:\Program Files\Eset\ps_dmon.dll
|_ MD5: 7C1BE0FFE6D5BC2B70ECD77EDC34F62C
|_ Manufacturer: Eset
|_ Processes
|_ nod32krn.exe (1820)
[?] ps_emon.dll
|_ Path: C:\Program Files\Eset\ps_emon.dll
|_ MD5: E046EDEE88C40256BDCB8B51D976E485
|_ Manufacturer: Eset
|_ Processes
|_ nod32krn.exe (1820)
[?] nod32r.dll
|_ Path: C:\Program Files\Eset\nod32r.dll
|_ MD5: 382BFC31A42CF2ABC93C41627F624954
|_ Manufacturer:
|_ Processes
|_ nod32.exe (2944)
================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ] - Not Registered =(
Přispějete na provoz fóra?