Speed
Posted: 22 Jun 2011 18:37
Hello everyone, my PC has become excessively slow; I would be glad if someone could advise what is wrong. In the worst case it will be a reinstall :(
Windows XP SP 3 (build 2600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
Log vygenerován: 22.6.2011 19:29:22
================================================================
SmallARK
================================================================
[?]NtClose -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtCreateFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtCreateKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtCreateSection -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtDeleteKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtDeleteValueKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtLoadDriver -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtOpenFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtSetInformationFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtSetValueKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtTerminateProcess -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtWriteFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
Běžící procesy
================================================================
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VSNPSTD.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQGALRY.EXE
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE
Scanner
================================================================
[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]
[?] nvsvc32.exe
Non Microsoft v System32:
[S] rundll32.exe
Spouští se po startu HKLM Run [NvCplDaemon]
[?] soundman.exe
Spouští se po startu HKLM Run [SoundMan]
[?] vsnpstd.exe
Spouští se po startu HKLM Run [snpstd]
[R] AdobeARM.exe
Spouští se po startu HKLM Run [Adobe ARM]
[R] hpwuschd2.exe
Spouští se po startu HKLM Run [HP Software Update]
[S] ctfmon.exe
Spouští se po startu HKCU Run [ctfmon.exe]
[R] Skype.exe
Spouští se po startu HKCU Run [Skype]
Podvržená cesta modulu: (00400000) C:\Program Files\Skype\Phone\Skype.exe
[?] hpqgalry.exe
EntryPoint v sekci:
|_ Celkový počet sekcí: 3
Soubor 7%
[R] skypePM.exe
EntryPoint v sekci: CODE
|_ Celkový počet sekcí: 8
[?] SpywareTerminatorShield.Exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Soubor 70%
[?] sp_rsser.exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Nemá okno
Soubor 70%
[R] SpyWareTerminator.exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Po spuštění
================================================================
HKCU Run
|_ [R][Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
HKLM Run
|_ [?][NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll ,NvStartup
|_ [?][nwiz] nwiz.exe /install
|_ [?][NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll ,NvTaskbarInit
|_ [?][SoundMan] C:\WINDOWS\SOUNDMAN.EXE
|_ [?][snpstd] C:\WINDOWS\vsnpstd.exe
|_ [X][KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k (Soubor nenalezen)
|_ (Soubor nenalezen)
HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Soubor nenalezen)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
Po spuštění
|_ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
|_ C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Služba Google Update (gupdate)
|_ Cesta: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: gupdate
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS
[?] NVIDIA Display Driver Service
|_ Cesta: C:\WINDOWS\system32\nvsvc32.exe
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Driver Helper Service, Version 93.71
| |_ MD5: 0FEBE37DB6650FAA5965C00545009D1D
|
|_ Jméno: NVSvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
[!] Spyware Terminator Realtime Shield Service
|_ Cesta: C:\Program Files\Spyware Terminator\sp_rsser.exe
| |_ Výrobce: Crawler.com
| |_ Popis: Spyware Terminator Realtime Shield 32-bit Service
| |_ MD5: 642180B8F50E7FC1FBAF87C718E259D6
|
|_ Jméno: sp_rssrv
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] Service for Realtek AC97 Audio (WDM)
|_ Cesta: C:\WINDOWS\system32\drivers\ALCXWDM.SYS
| |_ Výrobce: Realtek Semiconductor Corp.
| |_ Popis: Realtek AC'97 Audio Driver (WDM)
| |_ MD5: D9026163ED32A13923A2C909897A6B87
|
|_ Jméno: ALCXWDM
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] HSFHWBS2
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_HWB2 WDM driver
| |_ MD5: 970178E8E003EB1481293830069624B9
|
|_ Jméno: HSFHWBS2
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] HSF_DP
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_DP driver
| |_ MD5: EBB354438A4C5A3327FB97306260714A
|
|_ Jméno: HSF_DP
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] mdmxsdk
|_ Cesta: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
| |_ Výrobce: Conexant
| |_ Popis: Diagnostic Interface DRIVER
| |_ MD5: 195741AEE20369980796B557358CD774
|
|_ Jméno: mdmxsdk
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] nv
|_ Cesta: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Compatible Windows 2000 Miniport Driver, Version 93.71
| |_ MD5: BA1B732C1A70CFEA0C1B64F2850BF44F
|
|_ Jméno: nv
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] VideoCAM Eye
|_ Cesta: C:\WINDOWS\system32\DRIVERS\snpstd.sys
| |_ Výrobce:
| |_ Popis: PC Camera driver
| |_ MD5: EAEE05416AE891D3A9F61C923033CEA9
|
|_ Jméno: snpstd
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] winachsf
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_CNXT driver
| |_ MD5: 1225EBEA76AAC3C84DF6C54FE5E5D8BE
|
|_ Jméno: winachsf
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] ZDPSp50 NDIS Protocol Driver
|_ Cesta: C:\WINDOWS\System32\Drivers\ZDPSp50.sys
| |_ Výrobce: Printing Communications Assoc., Inc. (PCAUSA)
| |_ Popis: PCAUSA NDIS 5.0 SPR Protocol Driver
| |_ MD5: 00AE175B903D45ED4A62384D3315DC2A
|
|_ Jméno: ZDPSp50
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Spyware Terminator Driver 2
|_ Cesta: C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
| |_ Výrobce: ?
| |_ Popis: ?
| |_ MD5: 8831252BCF05FCFB5ABD116A22E552D8
|
|_ Jméno: sp_rsdrv2
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
-----------------------------------------------------------------------------------------
TCP (652) Skype.exe 0.0.0.0:80 LISTENING
TCP (800) svchost.exe 0.0.0.0:135 LISTENING
TCP (652) Skype.exe 0.0.0.0:443 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (652) Skype.exe 0.0.0.0:43125 LISTENING
TCP (4) Systém 89.176.174.225:139 LISTENING
TCP (652) Skype.exe 89.176.174.225:1041 <-> 77.71.61.249:60080 ESTABLISHED
TCP (552) UPM.exe 89.176.174.225:1133 CLOSE_WAIT
TCP (3700) firefox.exe 89.176.174.225:1142 <-> 74.125.232.231:80 ESTABLISHED
TCP (0) 89.176.174.225:1150 TIME_WAIT
TCP (0) 89.176.174.225:1151 TIME_WAIT
TCP (0) 89.176.174.225:1153 TIME_WAIT
TCP (0) 89.176.174.225:1154 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1155 <-> 213.146.189.204:12350ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1156 <-> 213.146.189.201:12350ESTABLISHED
TCP (0) 89.176.174.225:1161 TIME_WAIT
TCP (0) 89.176.174.225:1163 TIME_WAIT
TCP (0) 89.176.174.225:1165 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1166 <-> 212.161.8.10:12350 ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1167 <-> 213.146.189.202:12350ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1169 <-> 213.146.189.206:12350ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1170 <-> 212.161.8.6:12350 ESTABLISHED
TCP (0) 89.176.174.225:1172 TIME_WAIT
TCP (0) 89.176.174.225:1174 TIME_WAIT
TCP (3700) firefox.exe 89.176.174.225:1176 LAST_ACK
TCP (0) 89.176.174.225:1184 TIME_WAIT
TCP (0) 89.176.174.225:1186 TIME_WAIT
TCP (0) 89.176.174.225:1187 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1188 <-> 212.161.8.2:12350 ESTABLISHED
TCP (0) 89.176.174.225:1189 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1190 <-> 213.146.189.205:12350ESTABLISHED
TCP (0) 89.176.174.225:1203 TIME_WAIT
TCP (0) 89.176.174.225:1206 TIME_WAIT
TCP (0) 89.176.174.225:1207 TIME_WAIT
TCP (0) 89.176.174.225:1208 TIME_WAIT
TCP (0) 89.176.174.225:1209 TIME_WAIT
TCP (0) 89.176.174.225:1211 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1213 <-> 213.146.189.203:12350ESTABLISHED
TCP (0) 89.176.174.225:1214 TIME_WAIT
TCP (0) 89.176.174.225:1215 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1218 <-> 212.161.8.3:12350 ESTABLISHED
TCP (0) 89.176.174.225:1219 TIME_WAIT
TCP (3700) firefox.exe 89.176.174.225:1239 <-> 217.31.52.197:80 ESTABLISHED
TCP (3700) firefox.exe 89.176.174.225:1240 <-> 95.168.205.43:80 ESTABLISHED
TCP (2200) alg.exe 127.0.0.1:1027 LISTENING
TCP (3700) firefox.exe 127.0.0.1:1062 <-> 127.0.0.1:1063 ESTABLISHED
TCP (3700) firefox.exe 127.0.0.1:1063 <-> 127.0.0.1:1062 ESTABLISHED
TCP (3700) firefox.exe 127.0.0.1:1076 <-> 127.0.0.1:1077 ESTABLISHED
UDP (652) Skype.exe 0.0.0.0:443 <-> 127.0.0.1:1076 ESTABLISHED
UDP (4) Systém 0.0.0.0:445
UDP (588) lsass.exe 0.0.0.0:500
UDP (588) lsass.exe 0.0.0.0:4500
UDP (652) Skype.exe 0.0.0.0:43125
UDP (868) svchost.exe 89.176.174.225:123
UDP (4) Systém 89.176.174.225:137
UDP (4) Systém 89.176.174.225:138
UDP (1004) svchost.exe 89.176.174.225:1900
UDP (868) svchost.exe 127.0.0.1:123
UDP (652) Skype.exe 127.0.0.1:1033
UDP (652) Skype.exe 127.0.0.1:1057
UDP (1004) svchost.exe 127.0.0.1:1900
Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[X] rarlng.dll
|_ Cesta: C:\Program Files\WinRAR\rarlng.dll
|_ MD5: 82C6E0E74EB68B7A7C0C4B41631F16D2
|_ Výrobce:
|_ Procesy
|_ explorer.exe (1460)
[!] sptcontmenu.dll
|_ Cesta: C:\Program Files\Spyware Terminator\sptcontmenu.dll
|_ MD5: A5E97B2B88CC48FC178E88BF6E02F5EC
|_ Výrobce: Crawler.com
|_ Procesy
|_ explorer.exe (1460)
[?] corperfmonext.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
|_ MD5: 56C38B8FCC43FFED6F9F33AE8E6FD190
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (652)
[?] perfcounter.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
|_ MD5: FFFB49BA718EB2D100E58129265D002C
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (652)
[?] aspnet_isapi.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
|_ MD5: 056E6BFD6314BBB84D5DFB1CA529CD60
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (652)
[?] fusion.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
|_ MD5: 7C87A5FB95777E4132B11FC3D92CAAF5
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqutils.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
|_ MD5: 45585D5153E6E0F56AA386188B4FDC02
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqfmrsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
|_ MD5: 62E2303EE6EC6BB83C2E716FB97A4A2B
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqgldlg.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
|_ MD5: B40E2058CC31208A5C04B1F4BB46497A
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqtray.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
|_ MD5: A2A97B32344039990D30A72F2D03C48D
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqgskin.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
|_ MD5: EB9AF1CAAC2BB393817C1F2060B76BF0
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcmctl.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
|_ MD5: 03770DE7C291D96A1A9FEF838051AB62
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqgalry.resources.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\cs\hpqgalry.resources.dll
|_ MD5: 849ACB9ED95380A8BDAE0C11BF776E03
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqptfnd.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
|_ MD5: 4BAEF099C673C0FE524E90FCE3E9920E
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hpqcxm08.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\Interop.hpqcxm08.dll
|_ MD5: 41FACFA395061A94ED70A0B57968D6D2
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD\13.0.0.89__9cf889f53ea9b907\LEAD.dll
|_ MD5: 6F9360B2984F7461F36682F0E65F089C
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.wrapper.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.89__9cf889f53ea9b907\LEAD.Wrapper.dll
|_ MD5: 3766A983F34924219C7C135EFD5F5944
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqimgrc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
|_ MD5: B0B806D268825A1491E9F01CF12E97E1
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqtray.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqtray.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll
|_ MD5: 97F47B3332CCE2CDD974C2436CBAB256
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.windows.forms.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.89__9cf889f53ea9b907\LEAD.Windows.Forms.dll
|_ MD5: 48DFE42C4979BAE932D5F59C7734AB45
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.drawing.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.89__9cf889f53ea9b907\LEAD.Drawing.dll
|_ MD5: D08D7BA4EB7FA4BB58C527AEF6B69FEB
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqfmrsc.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqfmrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll
|_ MD5: 6AEF4E78976498F83A74729FF6B3F992
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hpqimgr.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
|_ MD5: 5DAF19AAC3E81F8131CC44C3EF0FE251
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqasset.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
|_ MD5: 9E34F711321586B7F9507C1DF18A7143
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqccrsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
|_ MD5: 0E473B6A6035FDA025AA322CCD9BA23D
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqmirsc.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\hpqmirsc.dll
|_ MD5: F4164B0161F80A3447E327B9E7123443
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqmirsc.resources.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\cs\hpqmirsc.resources.dll
|_ MD5: AA096EAA561040543501CBF9A463AE68
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqietpz.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
|_ MD5: 0BE6018CF2265C9132F2C985FFFC68EF
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqntrop.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqntrop\3.0.0.0__a53cf5803f4c3827\hpqntrop.dll
|_ MD5: 3A170D64D5A74995BC8F48A317920238
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqmdmr.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqmdmr\3.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
|_ MD5: 0C6403639B957BDD09B17BC759B48F1F
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.drawing.imaging.imageprocessing.dll
|_ Cesta: c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.89__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
|_ MD5: 761C18CDF664FEBFA55BD5E1966FDA36
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqprrsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqprrsc\3.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
|_ MD5: 6DBA7105B3E981B8F0DF3CA09DD03268
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqimlib.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
|_ MD5: 113C4AF90BEEB552C6FE25C86FB90431
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcmctl.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcmctl.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcmctl.resources.dll
|_ MD5: 8775BD4933B5D873D3D76E1BB69FE97A
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqccrsc.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqccrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqccrsc.resources.dll
|_ MD5: 64D36CFA50F6E0069177EADE0FC29C5A
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqietpz.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqietpz.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqietpz.resources.dll
|_ MD5: D31603FF564C06F3F382B040D3353C93
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hpdarc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Interop.HPDarc\1.0.0.0__19565c63d39c2842\Interop.hpdarc.dll
|_ MD5: F1C496F0C9E4C27840322AB823AE6079
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorlib.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\mscorlib.resources\1.0.5000.0_cs_b77a5c561934e089\Mscorlib.resources.dll
|_ MD5: 83D0F52B94011B3289EB7BF826CC8A71
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hprblog.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Interop.hprblog\3.0.0.0__a53cf5803f4c3827\Interop.hprblog.dll
|_ MD5: F89BDD4110A8F493AB2E4637F52EB1F4
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcprsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
|_ MD5: 49C07E33183E90DF4C2321AD3E9F1FF4
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcprsc.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll
|_ MD5: 170CBA71FFB3029787E05289B87FA560
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqisrtb.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
|_ MD5: 89F282AD7A8CDA198227B09FAF5078A5
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqisrtb.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll
|_ MD5: FE4AF7930D178FBE153A414EFFA189EB
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqthumb.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
|_ MD5: 7FDD8096DCB5810CB8258BC55315CEF3
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqimgr.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\hpqimgr.dll
|_ MD5: 5CA5B91352BA7E653E601342D2A585BF
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqiface.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
|_ MD5: B1CD469B4227012C20D50B4F9A9F5A86
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcxm08.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll
|_ MD5: 2BB391A3E24991F303DBEF3C0B99BEB6
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] ltkrn13n.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll
|_ MD5: E2CD12A09AAB75B19123E4AB807B2D25
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorwks.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
|_ MD5: 74D879F95A0249E7007F6D94BD069C32
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorjit.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
|_ MD5: 3C923E1911CED5802C3BDB9CE18F64DA
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorsn.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
|_ MD5: 1A692DBDAC7A578187E0A94A850A6240
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorlib.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
|_ MD5: 0A8D6FE9110A23A2E561DD570C3B0508
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] accessibility.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
|_ MD5: A1B44C0A1AD71F86579A4521D5B1C024
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] system.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
|_ MD5: 9921697AFAA1349535316A346D87BB78
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] system.drawing.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
|_ MD5: BCF15390DE7368639C593735BF938D7A
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] system.windows.forms.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
|_ MD5: 2814E9BDB75088C0B4CF6C1123F6EC8E
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] system.xml.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
|_ MD5: A5205B3AF85B1477AB2C2A1E12201598
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[!] clamavserver.dll
|_ Cesta: C:\Program Files\WinClamAVShield\ClamAVServer.dll
|_ MD5: 16ABA5A31DA0B7374411079C309CABC0
|_ Výrobce: Crawler, LLC
|_ Procesy
|_ SpyWareTerminator.exe (2396)
================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]
Windows XP SP 3 (build 2600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
Log vygenerován: 22.6.2011 19:29:22
================================================================
SmallARK
================================================================
[?]NtClose -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtCreateFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtCreateKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtCreateSection -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtDeleteKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtDeleteValueKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtLoadDriver -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtOpenFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtSetInformationFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtSetValueKey -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtTerminateProcess -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[?]NtWriteFile -> C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
Běžící procesy
================================================================
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VSNPSTD.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQGALRY.EXE
C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE
Scanner
================================================================
[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]
[?] nvsvc32.exe
Non Microsoft v System32:
[S] rundll32.exe
Spouští se po startu HKLM Run [NvCplDaemon]
[?] soundman.exe
Spouští se po startu HKLM Run [SoundMan]
[?] vsnpstd.exe
Spouští se po startu HKLM Run [snpstd]
[R] AdobeARM.exe
Spouští se po startu HKLM Run [Adobe ARM]
[R] hpwuschd2.exe
Spouští se po startu HKLM Run [HP Software Update]
[S] ctfmon.exe
Spouští se po startu HKCU Run [ctfmon.exe]
[R] Skype.exe
Spouští se po startu HKCU Run [Skype]
Podvržená cesta modulu: (00400000) C:\Program Files\Skype\Phone\Skype.exe
[?] hpqgalry.exe
EntryPoint v sekci:
|_ Celkový počet sekcí: 3
Soubor 7%
[R] skypePM.exe
EntryPoint v sekci: CODE
|_ Celkový počet sekcí: 8
[?] SpywareTerminatorShield.Exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Soubor 70%
[?] sp_rsser.exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Nemá okno
Soubor 70%
[R] SpyWareTerminator.exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Po spuštění
================================================================
HKCU Run
|_ [R][Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
HKLM Run
|_ [?][NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll ,NvStartup
|_ [?][nwiz] nwiz.exe /install
|_ [?][NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll ,NvTaskbarInit
|_ [?][SoundMan] C:\WINDOWS\SOUNDMAN.EXE
|_ [?][snpstd] C:\WINDOWS\vsnpstd.exe
|_ [X][KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k (Soubor nenalezen)
|_ (Soubor nenalezen)
HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Soubor nenalezen)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
Po spuštění
|_ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
|_ C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Služba Google Update (gupdate)
|_ Cesta: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: gupdate
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS
[?] NVIDIA Display Driver Service
|_ Cesta: C:\WINDOWS\system32\nvsvc32.exe
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Driver Helper Service, Version 93.71
| |_ MD5: 0FEBE37DB6650FAA5965C00545009D1D
|
|_ Jméno: NVSvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
[!] Spyware Terminator Realtime Shield Service
|_ Cesta: C:\Program Files\Spyware Terminator\sp_rsser.exe
| |_ Výrobce: Crawler.com
| |_ Popis: Spyware Terminator Realtime Shield 32-bit Service
| |_ MD5: 642180B8F50E7FC1FBAF87C718E259D6
|
|_ Jméno: sp_rssrv
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] Service for Realtek AC97 Audio (WDM)
|_ Cesta: C:\WINDOWS\system32\drivers\ALCXWDM.SYS
| |_ Výrobce: Realtek Semiconductor Corp.
| |_ Popis: Realtek AC'97 Audio Driver (WDM)
| |_ MD5: D9026163ED32A13923A2C909897A6B87
|
|_ Jméno: ALCXWDM
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] HSFHWBS2
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_HWB2 WDM driver
| |_ MD5: 970178E8E003EB1481293830069624B9
|
|_ Jméno: HSFHWBS2
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] HSF_DP
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_DP driver
| |_ MD5: EBB354438A4C5A3327FB97306260714A
|
|_ Jméno: HSF_DP
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] mdmxsdk
|_ Cesta: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
| |_ Výrobce: Conexant
| |_ Popis: Diagnostic Interface DRIVER
| |_ MD5: 195741AEE20369980796B557358CD774
|
|_ Jméno: mdmxsdk
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] nv
|_ Cesta: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Compatible Windows 2000 Miniport Driver, Version 93.71
| |_ MD5: BA1B732C1A70CFEA0C1B64F2850BF44F
|
|_ Jméno: nv
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] VideoCAM Eye
|_ Cesta: C:\WINDOWS\system32\DRIVERS\snpstd.sys
| |_ Výrobce:
| |_ Popis: PC Camera driver
| |_ MD5: EAEE05416AE891D3A9F61C923033CEA9
|
|_ Jméno: snpstd
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] winachsf
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_CNXT driver
| |_ MD5: 1225EBEA76AAC3C84DF6C54FE5E5D8BE
|
|_ Jméno: winachsf
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] ZDPSp50 NDIS Protocol Driver
|_ Cesta: C:\WINDOWS\System32\Drivers\ZDPSp50.sys
| |_ Výrobce: Printing Communications Assoc., Inc. (PCAUSA)
| |_ Popis: PCAUSA NDIS 5.0 SPR Protocol Driver
| |_ MD5: 00AE175B903D45ED4A62384D3315DC2A
|
|_ Jméno: ZDPSp50
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Spyware Terminator Driver 2
|_ Cesta: C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
| |_ Výrobce: ?
| |_ Popis: ?
| |_ MD5: 8831252BCF05FCFB5ABD116A22E552D8
|
|_ Jméno: sp_rsdrv2
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
-----------------------------------------------------------------------------------------
TCP (652) Skype.exe 0.0.0.0:80 LISTENING
TCP (800) svchost.exe 0.0.0.0:135 LISTENING
TCP (652) Skype.exe 0.0.0.0:443 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (652) Skype.exe 0.0.0.0:43125 LISTENING
TCP (4) Systém 89.176.174.225:139 LISTENING
TCP (652) Skype.exe 89.176.174.225:1041 <-> 77.71.61.249:60080 ESTABLISHED
TCP (552) UPM.exe 89.176.174.225:1133 CLOSE_WAIT
TCP (3700) firefox.exe 89.176.174.225:1142 <-> 74.125.232.231:80 ESTABLISHED
TCP (0) 89.176.174.225:1150 TIME_WAIT
TCP (0) 89.176.174.225:1151 TIME_WAIT
TCP (0) 89.176.174.225:1153 TIME_WAIT
TCP (0) 89.176.174.225:1154 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1155 <-> 213.146.189.204:12350ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1156 <-> 213.146.189.201:12350ESTABLISHED
TCP (0) 89.176.174.225:1161 TIME_WAIT
TCP (0) 89.176.174.225:1163 TIME_WAIT
TCP (0) 89.176.174.225:1165 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1166 <-> 212.161.8.10:12350 ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1167 <-> 213.146.189.202:12350 ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1169 <-> 213.146.189.206:12350 ESTABLISHED
TCP (652) Skype.exe 89.176.174.225:1170 <-> 212.161.8.6:12350 ESTABLISHED
TCP (0) 89.176.174.225:1172 TIME_WAIT
TCP (0) 89.176.174.225:1174 TIME_WAIT
TCP (3700) firefox.exe 89.176.174.225:1176 LAST_ACK
TCP (0) 89.176.174.225:1184 TIME_WAIT
TCP (0) 89.176.174.225:1186 TIME_WAIT
TCP (0) 89.176.174.225:1187 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1188 <-> 212.161.8.2:12350 ESTABLISHED
TCP (0) 89.176.174.225:1189 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1190 <-> 213.146.189.205:12350 ESTABLISHED
TCP (0) 89.176.174.225:1203 TIME_WAIT
TCP (0) 89.176.174.225:1206 TIME_WAIT
TCP (0) 89.176.174.225:1207 TIME_WAIT
TCP (0) 89.176.174.225:1208 TIME_WAIT
TCP (0) 89.176.174.225:1209 TIME_WAIT
TCP (0) 89.176.174.225:1211 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1213 <-> 213.146.189.203:12350 ESTABLISHED
TCP (0) 89.176.174.225:1214 TIME_WAIT
TCP (0) 89.176.174.225:1215 TIME_WAIT
TCP (652) Skype.exe 89.176.174.225:1218 <-> 212.161.8.3:12350 ESTABLISHED
TCP (0) 89.176.174.225:1219 TIME_WAIT
TCP (3700) firefox.exe 89.176.174.225:1239 <-> 217.31.52.197:80 ESTABLISHED
TCP (3700) firefox.exe 89.176.174.225:1240 <-> 95.168.205.43:80 ESTABLISHED
TCP (2200) alg.exe 127.0.0.1:1027 LISTENING
TCP (3700) firefox.exe 127.0.0.1:1062 <-> 127.0.0.1:1063 ESTABLISHED
TCP (3700) firefox.exe 127.0.0.1:1063 <-> 127.0.0.1:1062 ESTABLISHED
TCP (3700) firefox.exe 127.0.0.1:1076 <-> 127.0.0.1:1077 ESTABLISHED
UDP (652) Skype.exe 0.0.0.0:443 <-> 127.0.0.1:1076 ESTABLISHED
UDP (4) Systém 0.0.0.0:445
UDP (588) lsass.exe 0.0.0.0:500
UDP (588) lsass.exe 0.0.0.0:4500
UDP (652) Skype.exe 0.0.0.0:43125
UDP (868) svchost.exe 89.176.174.225:123
UDP (4) Systém 89.176.174.225:137
UDP (4) Systém 89.176.174.225:138
UDP (1004) svchost.exe 89.176.174.225:1900
UDP (868) svchost.exe 127.0.0.1:123
UDP (652) Skype.exe 127.0.0.1:1033
UDP (652) Skype.exe 127.0.0.1:1057
UDP (1004) svchost.exe 127.0.0.1:1900
Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[X] rarlng.dll
|_ Cesta: C:\Program Files\WinRAR\rarlng.dll
|_ MD5: 82C6E0E74EB68B7A7C0C4B41631F16D2
|_ Výrobce:
|_ Procesy
|_ explorer.exe (1460)
[!] sptcontmenu.dll
|_ Cesta: C:\Program Files\Spyware Terminator\sptcontmenu.dll
|_ MD5: A5E97B2B88CC48FC178E88BF6E02F5EC
|_ Výrobce: Crawler.com
|_ Procesy
|_ explorer.exe (1460)
[?] corperfmonext.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
|_ MD5: 56C38B8FCC43FFED6F9F33AE8E6FD190
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (652)
[?] perfcounter.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
|_ MD5: FFFB49BA718EB2D100E58129265D002C
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (652)
[?] aspnet_isapi.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
|_ MD5: 056E6BFD6314BBB84D5DFB1CA529CD60
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Skype.exe (652)
[?] fusion.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
|_ MD5: 7C87A5FB95777E4132B11FC3D92CAAF5
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqutils.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
|_ MD5: 45585D5153E6E0F56AA386188B4FDC02
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqfmrsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
|_ MD5: 62E2303EE6EC6BB83C2E716FB97A4A2B
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqgldlg.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
|_ MD5: B40E2058CC31208A5C04B1F4BB46497A
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqtray.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
|_ MD5: A2A97B32344039990D30A72F2D03C48D
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqgskin.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
|_ MD5: EB9AF1CAAC2BB393817C1F2060B76BF0
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcmctl.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
|_ MD5: 03770DE7C291D96A1A9FEF838051AB62
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqgalry.resources.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\cs\hpqgalry.resources.dll
|_ MD5: 849ACB9ED95380A8BDAE0C11BF776E03
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqptfnd.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
|_ MD5: 4BAEF099C673C0FE524E90FCE3E9920E
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hpqcxm08.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\Interop.hpqcxm08.dll
|_ MD5: 41FACFA395061A94ED70A0B57968D6D2
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD\13.0.0.89__9cf889f53ea9b907\LEAD.dll
|_ MD5: 6F9360B2984F7461F36682F0E65F089C
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.wrapper.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.89__9cf889f53ea9b907\LEAD.Wrapper.dll
|_ MD5: 3766A983F34924219C7C135EFD5F5944
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqimgrc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
|_ MD5: B0B806D268825A1491E9F01CF12E97E1
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqtray.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqtray.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll
|_ MD5: 97F47B3332CCE2CDD974C2436CBAB256
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.windows.forms.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.89__9cf889f53ea9b907\LEAD.Windows.Forms.dll
|_ MD5: 48DFE42C4979BAE932D5F59C7734AB45
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.drawing.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.89__9cf889f53ea9b907\LEAD.Drawing.dll
|_ MD5: D08D7BA4EB7FA4BB58C527AEF6B69FEB
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqfmrsc.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqfmrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll
|_ MD5: 6AEF4E78976498F83A74729FF6B3F992
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hpqimgr.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
|_ MD5: 5DAF19AAC3E81F8131CC44C3EF0FE251
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqasset.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
|_ MD5: 9E34F711321586B7F9507C1DF18A7143
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqccrsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
|_ MD5: 0E473B6A6035FDA025AA322CCD9BA23D
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqmirsc.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\hpqmirsc.dll
|_ MD5: F4164B0161F80A3447E327B9E7123443
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqmirsc.resources.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\cs\hpqmirsc.resources.dll
|_ MD5: AA096EAA561040543501CBF9A463AE68
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqietpz.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
|_ MD5: 0BE6018CF2265C9132F2C985FFFC68EF
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqntrop.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqntrop\3.0.0.0__a53cf5803f4c3827\hpqntrop.dll
|_ MD5: 3A170D64D5A74995BC8F48A317920238
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqmdmr.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqmdmr\3.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
|_ MD5: 0C6403639B957BDD09B17BC759B48F1F
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] lead.drawing.imaging.imageprocessing.dll
|_ Cesta: c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.89__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
|_ MD5: 761C18CDF664FEBFA55BD5E1966FDA36
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqprrsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqprrsc\3.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
|_ MD5: 6DBA7105B3E981B8F0DF3CA09DD03268
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqimlib.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
|_ MD5: 113C4AF90BEEB552C6FE25C86FB90431
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcmctl.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcmctl.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcmctl.resources.dll
|_ MD5: 8775BD4933B5D873D3D76E1BB69FE97A
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqccrsc.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqccrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqccrsc.resources.dll
|_ MD5: 64D36CFA50F6E0069177EADE0FC29C5A
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqietpz.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqietpz.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqietpz.resources.dll
|_ MD5: D31603FF564C06F3F382B040D3353C93
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hpdarc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Interop.HPDarc\1.0.0.0__19565c63d39c2842\Interop.hpdarc.dll
|_ MD5: F1C496F0C9E4C27840322AB823AE6079
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorlib.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\mscorlib.resources\1.0.5000.0_cs_b77a5c561934e089\Mscorlib.resources.dll
|_ MD5: 83D0F52B94011B3289EB7BF826CC8A71
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] interop.hprblog.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Interop.hprblog\3.0.0.0__a53cf5803f4c3827\Interop.hprblog.dll
|_ MD5: F89BDD4110A8F493AB2E4637F52EB1F4
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcprsc.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
|_ MD5: 49C07E33183E90DF4C2321AD3E9F1FF4
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcprsc.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll
|_ MD5: 170CBA71FFB3029787E05289B87FA560
|_ Výrobce:
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqisrtb.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
|_ MD5: 89F282AD7A8CDA198227B09FAF5078A5
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqisrtb.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll
|_ MD5: FE4AF7930D178FBE153A414EFFA189EB
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqthumb.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
|_ MD5: 7FDD8096DCB5810CB8258BC55315CEF3
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqimgr.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\hpqimgr.dll
|_ MD5: 5CA5B91352BA7E653E601342D2A585BF
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqiface.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
|_ MD5: B1CD469B4227012C20D50B4F9A9F5A86
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] hpqcxm08.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll
|_ MD5: 2BB391A3E24991F303DBEF3C0B99BEB6
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] ltkrn13n.dll
|_ Cesta: C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll
|_ MD5: E2CD12A09AAB75B19123E4AB807B2D25
|_ Výrobce: LEAD Technologies, Inc.
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorwks.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
|_ MD5: 74D879F95A0249E7007F6D94BD069C32
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorjit.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
|_ MD5: 3C923E1911CED5802C3BDB9CE18F64DA
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorsn.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
|_ MD5: 1A692DBDAC7A578187E0A94A850A6240
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] mscorlib.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
|_ MD5: 0A8D6FE9110A23A2E561DD570C3B0508
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] accessibility.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
|_ MD5: A1B44C0A1AD71F86579A4521D5B1C024
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
[?] system.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
|_ MD5: 9921697AFAA1349535316A346D87BB78
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] system.drawing.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
|_ MD5: BCF15390DE7368639C593735BF938D7A
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] system.windows.forms.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
|_ MD5: 2814E9BDB75088C0B4CF6C1123F6EC8E
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[?] system.xml.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
|_ MD5: A5205B3AF85B1477AB2C2A1E12201598
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hpqgalry.exe (1760)
|_ hpqgalry.exe (1760)
[!] clamavserver.dll
|_ Cesta: C:\Program Files\WinClamAVShield\ClamAVServer.dll
|_ MD5: 16ABA5A31DA0B7374411079C309CABC0
|_ Výrobce: Crawler, LLC
|_ Procesy
|_ SpyWareTerminator.exe (2396)
================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]