The browser (Firefox) takes at least 10 minutes to start...
Please take a look at the log from UPM - Ultimate Process Manager.
Thanks. T.
Windows XP SP 3 (build 2600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
Log vygenerován: 11.12.2010 22:12:11
================================================================
SmallARK
================================================================
[R]NtCreateKey -> C:\WINDOWS\system32\drivers\Lbd.sys
[R]NtSetValueKey -> C:\WINDOWS\system32\drivers\Lbd.sys
MBR ROOTKIT DETECTED!
Běžící procesy
================================================================
C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE
|_ MD5: 087CC810B57FF470F99FFAC287C7165B
|_Výrobce: Broadcom Corporation.
C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAGENT.EXE
|_ MD5: 3978F082274F723AD5A0A8058C2417DD
|_Výrobce: Analog Devices, Inc.
C:\WINDOWS\SYSTEM32\HKCMD.EXE
|_ MD5: D9D9BA44FE45108DD129C1AE660B1F72
|_Výrobce: Intel Corporation
C:\WINDOWS\AGRSMMSG.EXE
|_ MD5: E7BE65BF79906AEBC698E077D53F6A1C
|_Výrobce: Agere Systems
C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4PNP.EXE
|_ MD5: C06F1A3FF958A10F828EEE828623E193
|_Výrobce: Analog Devices, Inc.
C:\WINDOWS\SYSTEM32\DLA\TFSWCTRL.EXE
|_ MD5: C22BDB59D346ABA833A3A207E1629F07
|_Výrobce: Sonic Solutions
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
|_ MD5: AB349998E551DE1C0DCC5AD63CE41D31
|_Výrobce: Synaptics, Inc.
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
|_ MD5: A0AC3841DC595B5D86AB9E5016A0E36A
|_Výrobce: Synaptics, Inc.
C:\PROGRAM FILES\HPQ\QUICK LAUNCH BUTTONS\EABSERVR.EXE
|_ MD5: 42E24D236DD694A18C8D7977B51459BE
|_Výrobce: Hewlett-Packard
C:\PROGRAM FILES\HPQ\HP WIRELESS ASSISTANT\HP WIRELESS ASSISTANT.EXE
|_ MD5: 9E5824A51DED3A4B316C106D5AD7B559
|_Výrobce: Hewlett-Packard Company
C:\PROGRAM FILES\HPQ\SHARED\HPQWMI.EXE
|_ MD5: E369FA38C3F4E286F2BBA607B4B4F639
|_Výrobce: Hewlett-Packard Development Company, L.P.
C:\WINDOWS\TSNP325.EXE
|_ MD5: CC8D62B1446B48D13C2728F752F30430
|_Výrobce:
C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BTTRAY.EXE
|_ MD5: A0263BE48317A8980DCF70E2EDE7AB28
|_Výrobce: Broadcom Corporation.
C:\PROGRAM FILES\ADSL\ADSL USB MODEM\DSLMON.EXE
|_ MD5: 0C94F063387CE27607AF64EBA343579D
|_Výrobce:
Scanner
================================================================
[R] avgrsx.exe
Podobná jména: AVGRSX.EXE X AVGNSX.EXE
[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]
[?] btwdins.exe
Nemá okno
Soubor 7%
[?] SMAgent.exe
Nemá okno
Soubor 7%
[R] avgnsx.exe
Podobná jména: AVGNSX.EXE X AVGRSX.EXE
[?] hkcmd.exe
Non Microsoft v System32:
Spouští se po startu HKLM Run [HotKeysCmds]
[?] AGRSMMSG.exe
Spouští se po startu HKLM Run [AGRSMMSG]
[?] SMax4PNP.exe
Spouští se po startu HKLM Run [SoundMAXPnP]
Soubor 14%
[?] tfswctrl.exe
Non Microsoft v System32:
Spouští se po startu HKLM Run [dla]
Soubor 7%
[?] SynTPLpr.exe
Spouští se po startu HKLM Run [SynTPLpr]
[?] SynTPEnh.exe
Spouští se po startu HKLM Run [SynTPEnh]
[?] eabservr.exe
Spouští se po startu HKLM Run [eabconfg.cpl]
Soubor 14%
[?] HP Wireless Assistant.exe
Spouští se po startu HKLM Run [hpWirelessAssistant]
Soubor 14%
[R] AAWTray.exe
Spouští se po startu HKLM Run [Ad-Watch]
[?] hpqwmi.exe
Nemá okno
Soubor 7%
[?] tsnp325.exe
Spouští se po startu HKLM Run [tsnp325]
Soubor 7%
[R] avgtray.exe
Spouští se po startu HKLM Run [AVG9_TRAY]
[R] jusched.exe
Spouští se po startu HKLM Run [SunJavaUpdateSched]
[S] ctfmon.exe
Spouští se po startu HKCU Run [CTFMON.EXE]
[?] BTTray.exe
Spouští se po startu Po spuštění []
Soubor 7%
[?] DSLMON.exe
Spouští se po startu Po spuštění []
Soubor 7%
Po spuštění
================================================================
HKCU Run
|_ [R][updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 -reboot 1
| |_ MD5: 43F3F6D33C793089A7C32B45DA16094B
| |_ Výrobce: Adobe Systems Incorporated
|
|_ [R][Google Update] C:\Documents and Settings\Tom\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
|_ MD5: F02A533F517EB38333CB12A9E8963773
|_ Výrobce: Google Inc.
HKLM Run
|_ [?][IgfxTray] C:\WINDOWS\system32\igfxtray.exe
| |_ MD5: FC7D40EC3C05E85AB0F41C247BEF3471
| |_ Výrobce: Intel Corporation
|
|_ [?][HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
| |_ MD5: D9D9BA44FE45108DD129C1AE660B1F72
| |_ Výrobce: Intel Corporation
|
|_ [?][AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe
| |_ MD5: E7BE65BF79906AEBC698E077D53F6A1C
| |_ Výrobce: Agere Systems
|
|_ [?][SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
| |_ MD5: C06F1A3FF958A10F828EEE828623E193
| |_ Výrobce: Analog Devices, Inc.
|
|_ [?][UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r
| |_ MD5: 22FD4E58D69969A9165721C797D54931
| |_ Výrobce: Sonic Solutions
|
|_ [?][dla] C:\WINDOWS\system32\dla\tfswctrl.exe
| |_ MD5: C22BDB59D346ABA833A3A207E1629F07
| |_ Výrobce: Sonic Solutions
|
|_ [?][SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
| |_ MD5: AB349998E551DE1C0DCC5AD63CE41D31
| |_ Výrobce: Synaptics, Inc.
|
|_ [?][SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
| |_ MD5: A0AC3841DC595B5D86AB9E5016A0E36A
| |_ Výrobce: Synaptics, Inc.
|
|_ [?][eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
| |_ MD5: 42E24D236DD694A18C8D7977B51459BE
| |_ Výrobce: Hewlett-Packard
|
|_ [?][Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
| |_ MD5: ABD44CD38087B0FC2C369B80197A4B9A
| |_ Výrobce:
|
|_ [?][hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
| |_ MD5: 9E5824A51DED3A4B316C106D5AD7B559
| |_ Výrobce: Hewlett-Packard Company
|
|_ [?][WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
| |_ MD5: 8EA3BE7165E2264B6B7B5B3B612440A7
| |_ Výrobce: InterVideo Inc.
|
|_ [?][QuickTime Task] C:\sw\Quicktime\qttask.exe -atboottime
| |_ MD5: D772C357E47A6817AC3B73F2426B3C10
| |_ Výrobce: Apple Computer, Inc.
|
|_ [?][FixCamera] C:\WINDOWS\FixCamera.exe
| |_ MD5: 10DD727E26ACB6D0917609B55D2D625D
| |_ Výrobce:
|
|_ [?][tsnp325] C:\WINDOWS\tsnp325.exe
| |_ MD5: CC8D62B1446B48D13C2728F752F30430
| |_ Výrobce:
|
|_ [?][snp325] C:\WINDOWS\vsnp325.exe
| |_ MD5: D4C2DDAB603094729AF1A2395D77E7E9
| |_ Výrobce:
|
|_ [?][ioCentre] C:\Genius\ioCentre\gTaskBar.exe
|_ MD5: 670367254070A7409F139E18D332D1F7
|_ Výrobce: ?
HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Soubor nenalezen)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
| |_ MD5: F8995D4274D3D7E32BE7812B872BCC13
| |_ Výrobce:
|
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
| |_ MD5: 97BF5E6CB8D2498286096D35644517C5
| |_ Výrobce:
|
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp10.inf ,PerUserStub
| |_ MD5: 28274628BDC7DB17D4A1EBC9F18BC2EE
| |_ Výrobce:
|
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
|_ MD5:
|_ Výrobce: Microsoft Corporation
HKLM Winlogon Notify
|_ [?][igfxcui] C:\WINDOWS\system32\igfxsrvc.dll
|_ MD5: 9E72A936C05792608D5BFE1DBE76A3BE
|_ Výrobce: Intel Corporation
Po spuštění
|_ C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
| |_ MD5: 43362B96870CE8649F4F2EC893DA93F0
| |_ Výrobce: Adobe Systems Incorporated
|
|_ C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
| |_ MD5: A0263BE48317A8980DCF70E2EDE7AB28
| |_ Výrobce: Broadcom Corporation.
|
|_ C:\Program Files\ADSL\ADSL USB MODEM\dslmon.exe
| |_ MD5: 0C94F063387CE27607AF64EBA343579D
| |_ Výrobce:
|
|_ C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
|_ MD5: 8EA3BE7165E2264B6B7B5B3B612440A7
|_ Výrobce: InterVideo Inc.
HKLM BHO
|_ [X][{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] (Soubor nenalezen)
|_ [?][{5CA3D70E-1895-11CF-8E15-001234567890}] C:\WINDOWS\system32\dla\tfswshx.dll
|_ MD5: 4F9F33FE6C6462002F981DF5BB67E0A5
|_ Výrobce: Sonic Solutions
HKCU IE WebBrowser Toolbar
|_ [X][{855F3B16-6D32-4FE6-8A56-BBB695989046}] C:\sw\ICQToolbar\toolbaru.dll (Soubor nenalezen)
HKLM IE Toolbar
|_ [X][{855F3B16-6D32-4fe6-8A56-BBB695989046}] C:\sw\ICQToolbar\toolbaru.dll (Soubor nenalezen)
Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] Bluetooth Service
|_ Cesta: C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
| |_ Výrobce: Broadcom Corporation.
| |_ Popis: Bluetooth Support Server
| |_ MD5: 087CC810B57FF470F99FFAC287C7165B
|
|_ Jméno: btwdins
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
[X] Google Update Service (gupdate)
|_ Cesta: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: gupdate
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS
[?] HP WMI Interface
|_ Cesta: C:\Program Files\HPQ\SHARED\HPQWMI.exe
| |_ Výrobce: Hewlett-Packard Development Company, L.P.
| |_ Popis: hpqwmi Module
| |_ MD5: E369FA38C3F4E286F2BBA607B4B4F639
|
|_ Jméno: hpqwmi
|_ StartName: LocalSystem
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS
[X] Java Quick Starter
|_ Cesta: C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: JavaQuickStarterService
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
[?] SoundMAX Agent Service
|_ Cesta: C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
| |_ Výrobce: Analog Devices, Inc.
| |_ Popis: SoundMAX service agent component
| |_ MD5: 3978F082274F723AD5A0A8058C2417DD
|
|_ Jméno: SoundMAX Agent Service (default)
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] General Purpose USB Driver (adildr.sys)
|_ Cesta: C:\WINDOWS\System32\Drivers\adildr.sys
| |_ Výrobce: Analog Deivces
| |_ Popis: USB Firmware loader
| |_ MD5: 2E3374833E8B307DFF07820931E8DA3C
|
|_ Jméno: ADILOADER
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:
[?] aeaudio
|_ Cesta: C:\WINDOWS\system32\drivers\aeaudio.sys
| |_ Výrobce: Andrea Electronics Corporation
| |_ Popis: Andrea Audio Noise Cancellation Driver
| |_ MD5: AD707942E4CCB28D77CEE5ED989C9E55
|
|_ Jméno: aeaudio
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Agere Systems Soft Modem
|_ Cesta: C:\WINDOWS\system32\DRIVERS\AGRSM.sys
| |_ Výrobce: Agere Systems
| |_ Popis: SoftModem Device Driver
| |_ MD5: 593AEFC67283D409F34CC1245D00A509
|
|_ Jméno: AgereSoftModem
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Broadcom 440x 10/100 Integrated Controller
|_ Cesta: C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
| |_ Výrobce: Broadcom Corporation
| |_ Popis: Broadcom Corporation NDIS 5.1 ethernet driver
| |_ MD5: 78123F44BE9E4768852A3A017E02D637
|
|_ Jméno: bcm4sbxp
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth Audio Device
|_ Cesta: C:\WINDOWS\system32\drivers\btaudio.sys
| |_ Výrobce: Broadcom Corporation.
| |_ Popis: Bluetooth Audio Device
| |_ MD5: EB0499C875E6A2B24B62892FDC077714
|
|_ Jméno: btaudio
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth Virtual Communications Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\btport.sys
| |_ Výrobce: Broadcom Corporation.
| |_ Popis: Bluetooth BTPORT Driver for Windows 2000
| |_ MD5: 77CB90361D7FB505691073D7B06EFFC9
|
|_ Jméno: BTDriver
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth Bus Enumerator
|_ Cesta: C:\WINDOWS\system32\DRIVERS\btkrnl.sys
| |_ Výrobce: Broadcom Corporation.
| |_ Popis: Bluetooth Bus Enumerator
| |_ MD5: 0DBBEB6808BD100922489532B1528092
|
|_ Jméno: BTKRNL
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth LAN Access Server
|_ Cesta: C:\WINDOWS\system32\DRIVERS\btwdndis.sys
| |_ Výrobce: Broadcom Corporation.
| |_ Popis: Bluetooth LAN Access Server Driver
| |_ MD5: 9B8011F1B85973937ACC41F8249D414C
|
|_ Jméno: BTWDNDIS
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth Modem
|_ Cesta: C:\WINDOWS\system32\DRIVERS\btwmodem.sys
| |_ Výrobce: Broadcom Corporation.
| |_ Popis: Bluetooth BTPORT Driver for Windows 2000
| |_ MD5: 2795DCB9E7ED63CEC379C18DDA3B318D
|
|_ Jméno: btwmodem
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] WIDCOMM USB Bluetooth Driver
|_ Cesta: C:\WINDOWS\System32\Drivers\btwusb.sys
| |_ Výrobce: Broadcom Corporation.
| |_ Popis: Driver for Bluetooth USB Devices
| |_ MD5: FFF2E9961021B3BE82847690F54A2EF5
|
|_ Jméno: BTWUSB
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] ClntMgmt.sys
|_ Cesta: C:\WINDOWS\System32\Drivers\ClntMgmt.sys
| |_ Výrobce: Hewlett-Packard
| |_ Popis: Client Management Driver
| |_ MD5: 573DA08641AFC8D940E0431945867906
|
|_ Jméno: ClntMgmt.sys
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] drvmcdb
|_ Cesta: C:\WINDOWS\system32\drivers\drvmcdb.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Device Driver
| |_ MD5: F41619AE216B51D68DDA163805EEFAA9
|
|_ Jméno: drvmcdb
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] drvnddm
|_ Cesta: C:\WINDOWS\system32\drivers\drvnddm.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Device Driver Manager
| |_ MD5: B295700E684ED1984DB1D6BE40354421
|
|_ Jméno: drvnddm
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] EABFiltr
|_ Cesta: C:\WINDOWS\system32\drivers\EABFiltr.sys
| |_ Výrobce: Hewlett-Packard Company
| |_ Popis: QLB PS/2 Keyboard filter driver
| |_ MD5: 81B7808D3B5892388F33273119C2DC31
|
|_ Jméno: eabfiltr
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] USB Device Enhanced Function Driver
|_ Cesta: C:\WINDOWS\System32\Drivers\gHidPnp.Sys
| |_ Výrobce: ?
| |_ Popis: Extended function Driver
| |_ MD5: 9A8C0EB871370A410487E70CE4EF3ABA
|
|_ Jméno: gHidPnp
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] USB Mouse Device Drv
|_ Cesta: C:\WINDOWS\system32\DRIVERS\gMouUsb.sys
| |_ Výrobce:
| |_ Popis: WDM NULL filter driver
| |_ MD5: 810072609CC1615BB3FD843B551E523F
|
|_ Jméno: gMouUsb
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] ialm
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
| |_ Výrobce: Intel Corporation
| |_ Popis: Intel Graphics Miniport Driver
| |_ MD5: 65E836680B2902AB7FF037A17B519CFF
|
|_ Jméno: ialm
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] PxHelp20
|_ Cesta: C:\WINDOWS\System32\Drivers\PxHelp20.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Px Engine Device Driver for Windows 2000/XP
| |_ MD5: 30CBAE0A34359F1CD19D1576245149ED
|
|_ Jméno: PxHelp20
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Sentinel
|_ Cesta: C:\WINDOWS\System32\Drivers\SENTINEL.SYS
| |_ Výrobce: Rainbow Technologies, Inc.
| |_ Popis: Sentinel System Driver (NT Parallel driver)
| |_ MD5: AEBBA7428A6C40CCE3C5ABDE45190B24
|
|_ Jméno: Sentinel
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] smwdm
|_ Cesta: C:\WINDOWS\system32\drivers\smwdm.sys
| |_ Výrobce: Analog Devices, Inc.
| |_ Popis: SoundMAX Integrated Digital Audio
| |_ MD5: 858934C454BDC6664C752BF0CD3EAEAE
|
|_ Jméno: smwdm
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] sscdbhk5
|_ Cesta: C:\WINDOWS\system32\drivers\sscdbhk5.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Shared Driver Component
| |_ MD5: D7968049BE0ADBB6A57CEE3960320911
|
|_ Jméno: sscdbhk5
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] ssrtln
|_ Cesta: C:\WINDOWS\system32\drivers\ssrtln.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Shared Driver Component
| |_ MD5: C3FFD65ABFB6441E7606CF74F1155273
|
|_ Jméno: ssrtln
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] Synaptics TouchPad Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\SynTP.sys
| |_ Výrobce: Synaptics, Inc.
| |_ Popis: Synaptics Touchpad Driver
| |_ MD5: 23FE1F173996B8BAD4B9ED74003676D8
|
|_ Jméno: SynTP
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] tfsnboio
|_ Cesta: C:\WINDOWS\system32\dla\tfsnboio.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: 2ACEB9567639FF2DB9D862104A80227A
|
|_ Jméno: tfsnboio
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsncofs
|_ Cesta: C:\WINDOWS\system32\dla\tfsncofs.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: D9F936EAC2A6D55E3DE87BEDFF8137A9
|
|_ Jméno: tfsncofs
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsndrct
|_ Cesta: C:\WINDOWS\system32\dla\tfsndrct.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: 0FD9805BC047ADA2CFF540D4B7FA71FB
|
|_ Jméno: tfsndrct
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsndres
|_ Cesta: C:\WINDOWS\system32\dla\tfsndres.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: F8B907198E2540A4A340F1E6775F7B71
|
|_ Jméno: tfsndres
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsnifs
|_ Cesta: C:\WINDOWS\system32\dla\tfsnifs.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: FB11349B31346290D098941F0216CC45
|
|_ Jméno: tfsnifs
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsnopio
|_ Cesta: C:\WINDOWS\system32\dla\tfsnopio.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: 1994265F3A90E23A9434BBA687F1A069
|
|_ Jméno: tfsnopio
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsnpool
|_ Cesta: C:\WINDOWS\system32\dla\tfsnpool.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: 0B3D2BD550AA63BFD25AE8C5AFBF7F76
|
|_ Jméno: tfsnpool
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsnudf
|_ Cesta: C:\WINDOWS\system32\dla\tfsnudf.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: 716EDDDBA259A2D699332DF95301EDDA
|
|_ Jméno: tfsnudf
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] tfsnudfa
|_ Cesta: C:\WINDOWS\system32\dla\tfsnudfa.sys
| |_ Výrobce: Sonic Solutions
| |_ Popis: Drive Letter Access Component
| |_ MD5: A8EE7BBDD0B8C01E38221D0DCA2E7AAA
|
|_ Jméno: tfsnudfa
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency:
[?] Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP
|_ Cesta: C:\WINDOWS\system32\DRIVERS\w29n51.sys
| |_ Výrobce: Intel® Corporation
| |_ Popis: Intel® Wireless LAN Driver
| |_ MD5: C89DA341FCC883A3D79DC11727484FC2
|
|_ Jméno: w29n51
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
-----------------------------------------------------------------------------------------
TCP (1292) svchost.exe 0.0.0.0:135 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (1224) ARCGIS.EXE 0.0.0.0:1025 LISTENING
TCP (1172) lmgrd.exe 0.0.0.0:27000 LISTENING
TCP (2780) alg.exe 127.0.0.1:1031 LISTENING
TCP (3436) firefox.exe 127.0.0.1:3722 <-> 127.0.0.1:3723 ESTABLISHED
TCP (3436) firefox.exe 127.0.0.1:3723 <-> 127.0.0.1:3722 ESTABLISHED
TCP (3436) firefox.exe 127.0.0.1:3726 <-> 127.0.0.1:3727 ESTABLISHED
TCP (3436) firefox.exe 127.0.0.1:3727 <-> 127.0.0.1:3726 ESTABLISHED
TCP (964) jqs.exe 127.0.0.1:5152 LISTENING
TCP (964) jqs.exe 127.0.0.1:5152 CLOSE_WAIT
TCP (1184) avgemc.exe 127.0.0.1:10110 LISTENING
TCP (4) Systém 192.168.0.4:139 LISTENING
TCP (484) AAWService.exe 192.168.0.4:1930 CLOSE_WAIT
TCP (484) AAWService.exe 192.168.0.4:1931 CLOSE_WAIT
TCP (2704) UPM.exe 192.168.0.4:3883 <-> 199.7.71.190:80 ESTABLISHED
TCP (2704) UPM.exe 192.168.0.4:3884 <-> 199.7.71.190:80 ESTABLISHED
TCP (2704) UPM.exe 192.168.0.4:3885 <-> 199.7.51.190:80 ESTABLISHED
TCP (2704) UPM.exe 192.168.0.4:3886 <-> 199.7.48.190:80 ESTABLISHED
TCP (2704) UPM.exe 192.168.0.4:3887 <-> 199.7.71.190:80 ESTABLISHED
UDP (4) Systém 0.0.0.0:445 <-> 199.7.52.190:80 ESTABLISHED
UDP (1048) lsass.exe 0.0.0.0:500
UDP (1224) ARCGIS.EXE 0.0.0.0:1027
UDP (1048) lsass.exe 0.0.0.0:4500
UDP (1468) svchost.exe 127.0.0.1:123
UDP (1876) svchost.exe 127.0.0.1:1900
UDP (1468) svchost.exe 192.168.0.4:123
UDP (4) Systém 192.168.0.4:137
UDP (4) Systém 192.168.0.4:138
UDP (1876) svchost.exe 192.168.0.4:1900
Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[?] pdfshell.dll
|_ Cesta: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll
|_ MD5: 4B0991CD076B617A2231B19A6663C1C9
|_ Výrobce: Adobe Systems, Inc.
|_ Procesy
|_ explorer.exe (2000)
[?] shellext6.dll
|_ Cesta: C:\sw\ZonerME6\Program\ShellExt6.dll
|_ MD5: 4CB5E81F731FA04A7BC8169314917DA5
|_ Výrobce: ZONER software
|_ Procesy
|_ explorer.exe (2000)
[X] pspads~1.dll
|_ Cesta: C:\PROGRA~1\PSPADE~1\PSPADS~1.DLL
|_ MD5: 8BF42C134D0A4D580D35F7DE2EDE9B21
|_ Výrobce:
|_ Procesy
|_ explorer.exe (2000)
[?] btkeyind.dll
|_ Cesta: C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
|_ MD5: 5E1383434EAD6BA86AD1737807EEA228
|_ Výrobce:
|_ Procesy
|_ explorer.exe (2000)
|_ BTTray.exe (3736)
[?] uwinapi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 1.9.125\program\uwinapi.dll
|_ MD5: 28BD2F7EF73F8DEE8C7BB4F4E34232EA
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ explorer.exe (2000)
[?] stlport_vc7145.dll
|_ Cesta: C:\Program Files\OpenOffice.org 1.9.125\program\stlport_vc7145.dll
|_ MD5: 289B3E0B9C2D44807EAB9A69F7BAC4D1
|_ Výrobce: STLport Consulting, Inc.
|_ Procesy
|_ explorer.exe (2000)
[?] shlxthdl.dll
|_ Cesta: C:\Program Files\OpenOffice.org 1.9.125\program\shlxthdl.dll
|_ MD5: 83E9917AE2549FF7EB8B4424085DB94B
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ explorer.exe (2000)
[?] unrar.dll
|_ Cesta: C:\Program Files\Lavasoft\Ad-Aware\unrar.dll
|_ MD5: A3922CD380F968B898DA4BB414C38900
|_ Výrobce:
|_ Procesy
|_ AAWService.exe (484)
[?] widcommsdk.dll
|_ Cesta: C:\WINDOWS\system32\WidcommSdk.dll
|_ MD5: CB07A77EE80CA53A990B12E17B077E8D
|_ Výrobce: Broadcom Corporation.
|_ Procesy
|_ spoolsv.exe (800)
[?] wbtapi.dll
|_ Cesta: C:\WINDOWS\system32\wbtapi.dll
|_ MD5: B027BDE3B7565FD39A35F2FA3ACFED38
|_ Výrobce: Broadcom Corporation.
|_ Procesy
|_ spoolsv.exe (800)
|_ BTTray.exe (3736)
[?] bthcrp.dll
|_ Cesta: C:\WINDOWS\system32\bthcrp.dll
|_ MD5: 1582F80BCE272255D8059B175A10ACDE
|_ Výrobce: Broadcom Corporation.
|_ Procesy
|_ spoolsv.exe (800)
[?] smwdmif.dll
|_ Cesta: C:\Program Files\Analog Devices\SoundMAX\SMWDMIF.dll
|_ MD5: 26EE0A650F6B1BDE41CE65F2BF1C28B1
|_ Výrobce: Analog Devices, Inc.
|_ Procesy
|_ SMax4PNP.exe (4012)
[?] tfswapi.dll
|_ Cesta: C:\WINDOWS\system32\tfswapi.dll
|_ MD5: A17D2C6EA831A92D9023944AC7991E5A
|_ Výrobce: Sonic Solutions
|_ Procesy
|_ tfswctrl.exe (1460)
[?] hpqpres.dll
|_ Cesta: C:\Program Files\HPQ\Quick Launch Buttons\hpqPres.dll
|_ MD5: F570CA1A6EB23A7452B0D274C7586484
|_ Výrobce: hp
|_ Procesy
|_ eabservr.exe (1844)
[?] cpqinfo.dll
|_ Cesta: C:\Program Files\HPQ\Quick Launch Buttons\cpqinfo.dll
|_ MD5: 9F39EDD82880940153CC3BC227317E9C
|_ Výrobce: Hewlett-Packard
|_ Procesy
|_ eabservr.exe (1844)
[?] btwhidcs.dll
|_ Cesta: C:\WINDOWS\system32\btwhidcs.dll
|_ MD5: 92CB91EFFBD55CB513AF2CCDC73C40CA
|_ Výrobce: Broadcom Corporation.
|_ Procesy
|_ BTTray.exe (3736)
[?] btballoon.dll
|_ Cesta: C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
|_ MD5: 121A141913AF4294244A333636A91E26
|_ Výrobce: Broadcom Corporation.
|_ Procesy
|_ BTTray.exe (3736)
[?] btrez.dll
|_ Cesta: C:\WINDOWS\system32\btrez.dll
|_ MD5: 972BA317B811F5ACDABAE51C7AA93CFF
|_ Výrobce: Broadcom Corporation.
|_ Procesy
|_ BTTray.exe (3736)
[?] softokn3.dll
|_ Cesta: C:\sw\Firefox\softokn3.dll
|_ MD5: 2935447938967FDD07DD9118DFB4AFB2
|_ Výrobce: Mozilla Foundation
|_ Procesy
|_ firefox.exe (3436)
[?] nssdbm3.dll
|_ Cesta: C:\sw\Firefox\nssdbm3.dll
|_ MD5: 3D07ACEEBE516A561767117C43088F2C
|_ Výrobce: Mozilla Foundation
|_ Procesy
|_ firefox.exe (3436)
[?] freebl3.dll
|_ Cesta: C:\sw\Firefox\freebl3.dll
|_ MD5: E72B70C57C4229D339FE110951932392
|_ Výrobce: Mozilla Foundation
|_ Procesy
|_ firefox.exe (3436)
Výpis souborů
================================================================
\System32:
[?] AdADIx32.dll 7 no vrfy, {B0E841D6}
[?] ATHPRXY.DLL 12 ncmpny, {03F2BC04}
[?] bt2k_ins.dll 7 no vrfy, {00990DE8}
[?] BtAudioHelper.dll BTAUDI~1.DLL 7 no vrfy, {2CB9154A}
[?] btbigbmp.dll 14 no vrfy, {A00F5B9C}
[?] btbip.dll 7 no vrfy, {7A6525D6}
[?] btcpl.cpl 7 no vrfy, {F6280EC3}
[?] btcss.dll 7 no vrfy, {4E20DBFF}
[?] btdev.dll 7 no vrfy, {A7D3C822}
[?] bthcrp.dll 7 no vrfy, {D3013E7F}
[?] bthcrpui.dll 7 no vrfy, {8744046E}
[?] btins.dll 7 no vrfy, {5A3C41FD}
[?] BTNCopy.dll 7 no vrfy, {FC85DC65}
[?] BTNeighborhood.dll BTNEIG~1.DLL 7 no vrfy, {DAEEA644}
[?] btosif.dll 7 no vrfy, {A8362528}
[?] btosif_notes.dll BTOSIF~1.DLL 7 no vrfy, {3447775E}
[?] btosif_ol.dll BTOSIF~2.DLL 7 no vrfy, {8A7A2C74}
[?] btosif_olx.dll BTOSIF~3.DLL 7 no vrfy, {D8A7B418}
[?] btprn2k.dll 12 ncmpny, {D40B6580}
[?] btrez.dll 14 no vrfy, {9C037BCE}
[?] btrezxp.dll 14 no vrfy, {5D29EE2E}
[?] btsec.dll 7 no vrfy, {10F93CD8}
[?] btsendto.dll 7 no vrfy, {610548C0}
[?] btsendto_ie.dll BTSEND~3.DLL 7 no vrfy, {B16C0880}
[?] btsendto_notes.dll BTSEND~2.DLL 7 no vrfy, {1E34186E}
[?] btsendto_office.dll BTSEND~1.DLL 7 no vrfy, {130005F6}
[?] btsendto_wab.dll BTSEND~4.DLL 7 no vrfy, {08B0CEA5}
[?] btwhidcs.dll 14 no vrfy, {1FFB0223}
[?] BtWiaExt.dll 14 no vrfy, {D4EF0898}
[?] BtWizard.dll 14 no vrfy, {70D5DCEE}
[?] btwpimif.dll 7 no vrfy, {8624317E}
[?] btw_ci.dll 14 no vrfy, {3441B7FE}
[?] BTXPPanel.dll BTXPPA~1.DLL 7 no vrfy, {96C8F58C}
[?] BtXpShell.dll BTXPSH~1.DLL 7 no vrfy, {E3C72680}
[?] cpqinfo.dll 14 no vrfy, {D029C197}
[?] csnp325.dll 12 ncmpny, {E519A695}
[?] divxdec_0407.dll DIVXDE~1.DLL 14 no vrfy, {019E2D64}
[?] divxdec_040c.dll DIVXDE~3.DLL 14 no vrfy, {012215F5}
[?] divxdec_0411.dll DIVXDE~2.DLL 14 no vrfy, {36302606}
[?] DSndUp.exe 7 no vrfy, {4402792C}
[?] eabhbrn8.dll 7 no vrfy, {C98E881C}
[?] hlp95en.dll 12 ncmpny, {DFDAA4CC}
[?] hpqactn.dll 7 no vrfy, {8B59CAB8}
[?] hpqPres.dll 14 no vrfy, {C59A39F0}
[?] ImageDrive.cpl IMAGED~1.CPL 7 no vrfy, {E4B90AE9}
[?] imagx5.dll 7 no vrfy, {344B79CD}
[?] inked.dll 25 ncmpny, {22E865CE}
[?] javacpl.cpl 14 no vrfy, {18FC2C5E}
[?] JAVALE.DLL 12 ncmpny, {18E85FB9}
[?] MDT2FW95.DLL 12 ncmpny, {9B660C01}
[?] MPG4C32.DLL 12 ncmpny, {4FF2EFE9}
[?] MSDBG.DLL 12 ncmpny, {13F8B221}
[?] MSMS001.VWP 7 no vrfy, {5453DFEF}
[?] MSSDM.DLL 12 ncmpny, {FD5D78E1}
[?] MVOICE.VWP 7 no vrfy, {D214C6F8}
[?] NSCMPS.DLL 12 ncmpny, {F0C8A47D}
[?] NSERROR.DLL 12 ncmpny, {71B670FF}
[?] PCDLIB32.DLL 7 no vrfy, {7FE9E0DD}
[?] PDM.DLL 12 ncmpny, {CEEC04B7}
[?] Px.dll 7 no vrfy, {982D770F}
[!] pxcpya64.exe 63 no vrfy, cx ()?, {0246D0AA}
[!] pxcpyi64.exe 63 no vrfy, cx ()?, {B06EEECD}
[?] pxdrv.dll 7 no vrfy, {52876CA2}
[?] pxhpinst.exe 7 no vrfy, {0C37CC60}
[!] pxinsa64.exe 63 no vrfy, cx ()?, {6EFDABDE}
[!] pxinsi64.exe 63 no vrfy, cx ()?, {52D78854}
[?] PxMas.dll 7 no vrfy, {E1C771CA}
[?] pxsfs.dll 7 no vrfy, {0248F32A}
[?] PxWave.dll 7 no vrfy, {9869C318}
[?] python21.dll 7 no vrfy, {A7D3E007}
[?] PythonCOM21.dll PYTHON~1.DLL 12 ncmpny, {958B7D14}
[?] PyWinTypes21.dll PYWINT~1.DLL 12 ncmpny, {87C09B16}
[?] QuickTime.qts QUICKT~1.QTS 7 no vrfy, {37138D20}
[?] QuickTimeVR.qtx QUICKT~1.QTX 7 no vrfy, {860DFC41}
[?] RegObj.dll 12 ncmpny, {D035753A}
[?] rnbovdd.dll 7 no vrfy, {189AFED3}
[?] rsnp325.dll 25 ncmpny, {35D7B61F}
[?] SCRIPTLE.DLL 12 ncmpny, {AA30F026}
[?] snti386.dll 7 no vrfy, {3749E2BB}
[?] tfswapi.dll 7 no vrfy, {04601D9D}
[?] TLBINF32.DLL 25 ncmpny, {C6FBBB82}
[?] unaddrv.exe 7 no vrfy, {8EC775C0}
[?] unwise32.exe 25 ncmpny, {E244787F}
[?] VCT3216.ACM 7 no vrfy, {9E016EB3}
[?] VCT3216.DLL 7 no vrfy, {E2C8E405}
[?] vsnp325.dll 12 ncmpny, {ADA5535F}
[?] VXBLOCK.dll 7 no vrfy, {DA6A00BB}
[?] WACntlPnl.cpl WACNTL~1.CPL 14 no vrfy, {19D09D85}
[?] wbtapi.dll 7 no vrfy, {C54DD7BF}
[?] wdmioctl.dll 7 no vrfy, {0C4AAD8F}
[?] WidcommSdk.dll WIDCOM~1.DLL 7 no vrfy, {145F1EB9}
[?] wisptis.exe 12 ncmpny, {BD0AB3DB}
\Drivers:
[?] adiusbaw.sys 7 no vrfy, {63846B0D}
[?] btaudio.sys 14 no vrfy, {357C40AE}
[?] btkrnl.sys 14 no vrfy, {389BF3DA}
[?] btport.sys 14 no vrfy, {FA8EE38F}
[?] btwdndis.sys 14 no vrfy, {B03C3246}
[?] btwmodem.sys 14 no vrfy, {4D75BE83}
[?] btwusb.sys 7 no vrfy, {C586C053}
[?] clntmgmt.sys 14 no vrfy, {7ED9B877}
[?] drvmcdb.sys 7 no vrfy, {6E70842A}
[?] drvnddm.sys 7 no vrfy, {AD86A184}
[?] gHidPnp.sys 25 ncmpny, {6D3A271E}
[?] gMouUsb.sys 14 no vrfy, {950E4F94}
[?] imagedrv.sys 7 no vrfy, {82B79FD5}
[?] pxhelp20.sys 7 no vrfy, {F4DE08CE}
[?] sentinel.sys 7 no vrfy, {DF565417}
[?] snp325.sys 14 no vrfy, {F95D6653}
[?] sscdbhk5.sys 7 no vrfy, {4CA6BF5B}
[?] ssrtln.sys 7 no vrfy, {15CAEB34}
Access violations - HKCU
================================================================
================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]