[ Posts: 8 ]
Author | Message

User
Registered: 27.07.08
Logged in: 21.08.08
Posts: 38
Topics: 7 | 7
Location: Košice
Posted: 28.07.2008 21:21 | spyware

I don't know where I should have put this topic, but I have a problem... I had a virus, which I removed, but I still have some of its after-effects:
1.) Next to the clock in the bottom right corner it still shows VIRUS ALERT! How do I remove it???

2.) When I right-click something and choose Properties, next to Created, Modified, Accessed it shows the time but also VIRUS ALERT

3.) When I click Start, I don't have the second option there, like the one to turn off the PC... I think there should be Log Off or something like that... how do I fix it, pls?


Experienced user
Registered: 12.06.08
Logged in: 16.09.10
Posts: 440
Topics: 4 | 4
Posted: 28.07.2008 21:37 | spyware

Hello,

I think there will still be some after-effects there. Send a log from Ultimate Process Manager. Run the file _MAKE_LOG_SK.bat, tick processes, startup, modules, services, drivers, and that's enough.


User
Registered: 27.07.08
Logged in: 21.08.08
Posts: 38
Topics: 7 | 7
Location: Košice
Posted by topic author: 28.07.2008 21:57 | spyware

[code]Windows XP SP 2 (build 2600)
Boot Mode: Normal
Overení sůborů Microsoftu: Áno
Internet Explorer v6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Log vygenerovaný:28. 7. 2008 21:55:57
================================================================

Test UPM
Testujem funkcie... OK

Bežiace procesy
================================================================

H:\WINDOWS\SYSTEM32\SMSS.EXE
|_ MD5: 04B69D49D7FC3358A372E97DB6D39447
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\CSRSS.EXE
|_ MD5: 490E6E57E54FAF5F23F658EA188405A1
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\WINLOGON.EXE
|_ MD5: 221C29AE1B4CC61D11D8B27DE78B2307
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\SERVICES.EXE
|_ MD5: 6E401E61F952FBBF708AFBECEFAFAE81
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\LSASS.EXE
|_ MD5: 82A362FE1D4980B71B588D9C10748511
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\SVCHOST.EXE
|_ MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\SVCHOST.EXE
|_ MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\SVCHOST.EXE
|_ MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
|_Výrobca: Microsoft Corporation

H:\PROGRAM FILES\TGTSOFT\STYLEXP\STYLEXPSERVICE.EXE
|_ MD5: 564286A42AF81FB2B61EED32FCDE020C
|_Výrobca:

H:\WINDOWS\SYSTEM32\SVCHOST.EXE
|_ MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\SVCHOST.EXE
|_ MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\SPOOLSV.EXE
|_ MD5: 21B6FAA88044A41640E03EBB68BE93E8
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\BGSVCGEN.EXE
|_ MD5: 71489FA2C4A238F178E30AE6E4449013
|_Výrobca: B.H.A Corporation

H:\PROGRAM FILES\MARVELL\61XX\APACHE2\BIN\APACHE.EXE
|_ MD5: 70149A8B2A9B171D07C20D5595282550
|_Výrobca: Apache Software Foundation

H:\PROGRAM FILES\ESET\NOD32KRN.EXE
|_ MD5: 9B18F31C059C5F061D6C628E0A771EC1
|_Výrobca: Eset

H:\WINDOWS\SYSTEM32\NVSVC32.EXE
|_ MD5: 74D8BE0A343D71F83B5A5485F8894F7E
|_Výrobca: NVIDIA Corporation

H:\PROGRAM FILES\MARVELL\61XX\APACHE2\BIN\APACHE.EXE
|_ MD5: 70149A8B2A9B171D07C20D5595282550
|_Výrobca: Apache Software Foundation

H:\PROGRAM FILES\ALCOHOL SOFT\ALCOHOL 120\STARWIND\STARWINDSERVICEAE.EXE
|_ MD5: B1691AF4A072CB674D600DB16DD7308E
|_Výrobca: Rocket Division Software

H:\WINDOWS\SYSTEM32\SVCHOST.EXE
|_ MD5: DFBA2915B0BF58ABB288CD4C9318CB3F
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\ALG.EXE
|_ MD5: B3F690BF43F93A012A52F28F234FAA1B
|_Výrobca: Microsoft Corporation

H:\WINDOWS\SYSTEM32\WSCNTFY.EXE
|_ MD5: 93F75FF033BAA186D08115D73BFE3D32
|_Výrobca: Microsoft Corporation

H:\WINDOWS\EXPLORER.EXE
|_ MD5: 53114D57AB73A406AC7F602227781A99
|_Výrobca: Microsoft Corporation

H:\PROGRAM FILES\ASUS\AI SUITE\AINAP\AINAP.EXE
|_ MD5: 6860AAA8D8434D34A43F0AF721151AED
|_Výrobca:

H:\PROGRAM FILES\ASUS\AI SUITE\AIGEAR3\CPUPOWERMONITOR.EXE
|_ MD5: F8AD38B9C87E7303C587E1983A069C08
|_Výrobca:

H:\PROGRAM FILES\ASUS\AI SUITE\ENERGYSAVING\PWSAVE.EXE
|_ MD5: 0E5C355157948BC2CEDA4798C692FED3
|_Výrobca:

H:\PROGRAM FILES\IOI\IOI\BUTTONMONITOR.EXE
|_ MD5: 4228A7207B28AD19101E680219311F6E
|_Výrobca:

H:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
|_ MD5: 872B3D5F6F9F9BDFD6A83EE8AA5824B4
|_Výrobca: InstallShield Software Corporation

H:\PROGRAM FILES\XPERTVISION\TBPANEL.EXE
|_ MD5: 0C151ACBECFFD8A05618A84CFBC95EE4
|_Výrobca: Xpertvision, Inc.

H:\WINDOWS\SYSTEM32\RUNDLL32.EXE
|_ MD5: 69B5CE8A9D8446C9CD0390276123BE3A
|_Výrobca: Microsoft Corporation

H:\PROGRAM FILES\LABTEC\KEYBOARD\V5.1\KBDAP32A.EXE
|_ MD5: A2704E47F9AC4CB6469D22A72B477A66
|_Výrobca:

H:\WINDOWS\RTHDCPL.EXE
|_ MD5: 32C139FC0363681804EFF9394CD6B1B8
|_Výrobca: Realtek Semiconductor Corp.

H:\PROGRAM FILES\ASUS\AASP\1.00.59\AACENTER.EXE
|_ MD5: C1BFAA9AF96B48E1959F8FBD952CF62B
|_Výrobca:

H:\PROGRAM FILES\QUICKTIME\QTTASK.EXE
|_ MD5: FC9F5C5D87D0A6D1E10773D20CB3C3EF
|_Výrobca: Apple Computer, Inc.

H:\PROGRAM FILES\ESET\NOD32KUI.EXE
|_ MD5: 3F0785BCC78224A50F31FBE794B6337D
|_Výrobca: Eset

H:\WINDOWS\SYSTEM32\CTFMON.EXE
|_ MD5: A5BAA91475167161DEA02BA3C4CA4F59
|_Výrobca: Microsoft Corporation

H:\PROGRAM FILES\TGTSOFT\STYLEXP\STYLEXP.EXE
|_ MD5: 636A1A04D7033DED923FC151BD0219AE
|_Výrobca:

H:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMBGMONITOR.EXE
|_ MD5: 7824452741212AF839EA61A9E9F1EA0B
|_Výrobca: Nero AG

H:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
|_ MD5: 08FC1FAD357F053043016597B6559BDC
|_Výrobca: Safer Networking Limited

H:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMINDEXSTORESVR.EXE
|_ MD5: A21E313F65231675C5CEE7A687C67E26
|_Výrobca: Nero AG

H:\PROGRAM FILES\LG SOFT INDIA\FORTEMANAGER\BIN\MONITOR.EXE
|_ MD5: D0C52918614D9BC91C1611698A03C967
|_Výrobca:

H:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
|_ MD5: BE511D3BE77DC0E1FE6C476E275AD85F
|_Výrobca: Microsoft Corporation

H:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
|_ MD5: 8FD9724777C5DA9665ADB7B554F746BC
|_Výrobca: Mozilla Corporation

H:\DOCUMENTS AND SETTINGS\PATRIK TOKÁR\PLOCHA\UPM.EXE
|_ MD5: 162DA29D0E8203CEFE5276998C03B5A0
|_Výrobca: Lodus Software


Scanner
================================================================
[S] svchost.exe
Skrytý modul: 74EA0000h H:\WINDOWS\system32\wbem\wbemsvc.dll

[?] StyleXPService.exe
Bez výrobcu
Nemá okno
Súbor 7%

[?] bgsvcgen.exe
Bez výrobcu v System32
Nemá okno
Súbor 7%

[?] Apache.exe
Bez výrobcu
Nemá okno
Súbor 7%

[?] nod32krn.exe
Bez výrobcu
Súbor 7%

[?] nvsvc32.exe
Bez výrobcu v System32
Súbor 7%

[?] Apache.exe
Bez výrobcu
Nemá okno
Súbor 7%

[?] StarWindServiceAE.exe
Bez výrobcu
Nemá okno
Súbor 7%

[S] explorer.exe
Spúšťa sa po štarte HKLM Winlogon [Shell]

[?] AiNap.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [Ai Nap]
Súbor 12%

[?] CpuPowerMonitor.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [CPU Power Monitor]
Súbor 12%

[?] PwSave.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [ASUS Energy Saving]
Skrytý modul: 015E0000h H:\Program Files\ASUS\AI Suite\EnergySaving\AnimationView.dll
Súbor 25%

[?] ButtonMonitor.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [ButtonMonitor]
Skrytý modul: 10000000h H:\Program Files\Labtec\Keyboard\V5.1\KBDDL32A.DLL
Súbor 7%

[?] issch.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [ISUSScheduler]
Nemá okno
Súbor 7%

[R] TBPANEL.exe
Spúšťa sa po štarte HKLM Run [TBPanel]

[S] rundll32.exe
Spúšťa sa po štarte HKLM Run [NvCplDaemon]

[?] KBDAP32A.EXE
Bez výrobcu
Spúšťa sa po štarte HKLM Run [OFFICEKB]
EntryPoint v sekcii: CODE
|_ Celkový počet sekcií: 8
Súbor 63%

[?] RTHDCPL.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [RTHDCPL]

[?] aaCenter.exe
Bez výrobcu
Súbor 12%

[?] qttask.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [QuickTime Task]
Skrytý modul: 676F0000h H:\WINDOWS\system32\QuickTime\QuickTimeStreamingExtras.qtx
Súbor 7%

[?] nod32kui.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [nod32kui]
Súbor 14%

[S] ctfmon.exe
Spúšťa sa po štarte HKCU Run [CTFMON.EXE]
Skrytý modul: 773C0000h H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

[?] StyleXP.exe
Bez výrobcu
Spúšťa sa po štarte HKCU Run [STYLEXP]
Súbor 7%

[?] NMBgMonitor.exe
Bez výrobcu
Spúšťa sa po štarte HKCU Run [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
Súbor 7%

[R] TeaTimer.exe
Spúšťa sa po štarte HKCU Run [SpybotSD TeaTimer]
EntryPoint v sekcii: .ITEXT
|_ Celkový počet sekcií: 10

[?] NMIndexStoreSvr.exe
Bez výrobcu
Súbor 7%

[?] Monitor.exe
Bez výrobcu
Spúšťa sa po štarte HKCU Run [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
Súbor 12%


Po spustení
================================================================
HKLM Run: 20:57:24 27.07. 2008
HKCU Run: 10:06:19 27.07. 2008
HKCU RunOnce: 21:16:28 26.07. 2008


HKCU Run
|_ [?][STYLEXP] H:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
| |_ MD5: 636A1A04D7033DED923FC151BD0219AE
| |_ Výrobca:
|
|_ [R][AlcoholAutomount] H:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount
| |_ MD5: A1B197E5E3914A10596B0E28A4F310E4
| |_ Výrobca: Alcohol Soft Development Team
|
|_ [?][BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
| |_ MD5: 7824452741212AF839EA61A9E9F1EA0B
| |_ Výrobca: Nero AG
|
|_ [S][MSMSGS] H:\Program Files\Messenger\msmsgs.exe /background
|_ MD5: C409470435C4A09CFE8BB63DF3DC7AF4
|_ Výrobca: Microsoft Corporation


HKLM Run
|_ [?][Ai Nap] H:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
| |_ MD5: 6860AAA8D8434D34A43F0AF721151AED
| |_ Výrobca:
|
|_ [?][CPU Power Monitor] H:\Program Files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
| |_ MD5: F8AD38B9C87E7303C587E1983A069C08
| |_ Výrobca:
|
|_ [?][Cpu Level Up help] H:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
| |_ MD5: A053F83A03990006B2B032CF9F61F50E
| |_ Výrobca:
|
|_ [?][ASUS Energy Saving] H:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe
| |_ MD5: 0E5C355157948BC2CEDA4798C692FED3
| |_ Výrobca:
|
|_ [?][ButtonMonitor] H:\Program Files\IOI\IOI\ButtonMonitor.exe
| |_ MD5: 4228A7207B28AD19101E680219311F6E
| |_ Výrobca:
|
|_ [?][ISUSPM Startup] H:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
| |_ MD5: 81061E94950A18093E0FFD0841896F22
| |_ Výrobca: InstallShield Software Corporation
|
|_ [?][ISUSScheduler] H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start
| |_ MD5: 872B3D5F6F9F9BDFD6A83EE8AA5824B4
| |_ Výrobca: InstallShield Software Corporation
|
|_ [R][TBPanel] H:\Program Files\XpertVision\TBPanel.exe /A
| |_ MD5: 0C151ACBECFFD8A05618A84CFBC95EE4
| |_ Výrobca: Xpertvision, Inc.
|
|_ [?][NvCplDaemon] H:\WINDOWS\system32\NvCpl.dll ,NvStartup
| |_ MD5: E645F5D0D91A4CBF7BB23EAA94AFE29B
| |_ Výrobca: NVIDIA Corporation
|
|_ [?][nwiz] nwiz.exe /install
| |_ MD5:
| |_ Výrobca: ?
|
|_ [?][NvMediaCenter] H:\WINDOWS\system32\NvMcTray.dll ,NvTaskbarInit
| |_ MD5: 69290C55682CE2686A524B339017C29A
| |_ Výrobca: NVIDIA Corporation
|
|_ [!][OFFICEKB] H:\Program Files\Labtec\Keyboard\V5.1\kbdap32a.exe
| |_ MD5: A2704E47F9AC4CB6469D22A72B477A66
| |_ Výrobca:
|
|_ [?][RTHDCPL] H:\WINDOWS\RTHDCPL.EXE
| |_ MD5: 32C139FC0363681804EFF9394CD6B1B8
| |_ Výrobca: Realtek Semiconductor Corp.
|
|_ [?][Alcmtr] H:\WINDOWS\ALCMTR.EXE
| |_ MD5: 8B4CBBA1EA526830C7F97E7822E2493A
| |_ Výrobca: Realtek Semiconductor Corp.
|
|_ [?][PCSuiteTrayApplication] H:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
| |_ MD5: 37192DB9D21491B6C923473CC9739DD1
| |_ Výrobca: Nokia
|
|_ [?][QuickTime Task] H:\Program Files\QuickTime\qttask.exe -atboottime
| |_ MD5: FC9F5C5D87D0A6D1E10773D20CB3C3EF
| |_ Výrobca: Apple Computer, Inc.
|
|_ [?][NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
| |_ MD5: C93AB037A8C792D5F8A1A9FC88A7C7C5
| |_ Výrobca: Nero AG
|
|_ [?][nod32kui] H:\Program Files\Eset\nod32kui.exe /WAITSERVICE
| |_ MD5: 3F0785BCC78224A50F31FBE794B6337D
| |_ Výrobca: Eset
|
|_ [X][ICQ Lite] H:\Program Files\ICQLite\ICQLite.exe -minimize (Súbor nebol nájdený)

HKLM ShellServiceObjectDelayLoad
|_ [X][eqvwamkl] H:\WINDOWS\eqvwamkl.dll (Súbor nebol nájdený)
|_ [X][wnslvxtf] H:\WINDOWS\wnslvxtf.dll (Súbor nebol nájdený)

HKU Run
|_ [?][Nokia.PCSync] H:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
|_ MD5: 9BE8BA4D4EF5F5213684AF159BBC9C5C
|_ Výrobca: Time Information Services Ltd.


Po spustení
|_ H:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
|_ MD5: D0C52918614D9BC91C1611698A03C967
|_ Výrobca:



HKLM BHO
|_ [?][{C333CF63-767F-4831-94AC-E683D962C63C}] H:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
|_ MD5: 107CC933CCB8FC9AD8F2160657B9D6D6
|_ Výrobca:


HKLM IE Toolbar
|_ [X][{AAA5ED69-49AD-454A-AED3-0C23B8C4E202}] H:\WINDOWS\fdkowvbp.dll (Súbor nebol nájdený)

Služby (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i služby Microsoftu: False)
================================================================
[?] B's Recorder GOLD Library General Service
|_ Cesta: H:\WINDOWS\system32\bgsvcgen.exe
| |_ Výrobca: B.H.A Corporation
| |_ Popis: B's Recorder GOLD Service Library
| |_ MD5: 71489FA2C4A238F178E30AE6E4449013
|
|_ Meno: bgsvcgen
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:

[X] MRU Web Service
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe -k runservice
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: MRUWebService
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency: Tcpip

[?] NOD32 Kernel Service
|_ Cesta: H:\Program Files\Eset\nod32krn.exe
| |_ Výrobca: Eset
| |_ Popis: NOD32 Kernel Service
| |_ MD5: 9B18F31C059C5F061D6C628E0A771EC1
|
|_ Meno: NOD32krn
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency:

[?] NVIDIA Display Driver Service
|_ Cesta: H:\WINDOWS\system32\nvsvc32.exe
| |_ Výrobca: NVIDIA Corporation
| |_ Popis: NVIDIA Driver Helper Service, Version 171.16
| |_ MD5: 74D8BE0A343D71F83B5A5485F8894F7E
|
|_ Meno: NVSvc
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:

[?] StarWind AE Service
|_ Cesta: H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
| |_ Výrobca: Rocket Division Software
| |_ Popis: StarWind iSCSI Target (Alcohol Edition)
| |_ MD5: B1691AF4A072CB674D600DB16DD7308E
|
|_ Meno: StarWindServiceAE
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:

[?] StyleXPService
|_ Cesta: H:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
| |_ Výrobca:
| |_ Popis: StyleXPService Module
| |_ MD5: 564286A42AF81FB2B61EED32FCDE020C
|
|_ Meno: StyleXPService
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency: RPCSS


Ovládače (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i služby Microsoftu: False)
================================================================
[?] AMON
|_ Cesta: H:\WINDOWS\system32\drivers\amon.sys
| |_ Výrobca: Eset
| |_ Popis: Amon monitor
| |_ MD5: D2C4B2BD75EB35E1E0DA7AD3B65D24D2
|
|_ Meno: AMON
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller
|_ Cesta: H:\WINDOWS\system32\DRIVERS\l151x86.sys
| |_ Výrobca: Atheros Communications, Inc.
| |_ Popis: Atheros L1 Gigabit Ethernet Controller ndis miniport driver
| |_ MD5: 0907A12341E56DDA7B22F8FD116A981D
|
|_ Meno: AtcL001
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Microsoft UAA Bus Driver for High Definition Audio
|_ Cesta: H:\WINDOWS\system32\DRIVERS\HDAudBus.sys
| |_ Výrobca: Windows (R) Server 2003 DDK provider
| |_ Popis: High Definition Audio Bus Driver v1.0a
| |_ MD5: 3FCC124B6E08EE0E9351F717DD136939
|
|_ Meno: HDAudBus
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Service for Realtek HD Audio (WDM)
|_ Cesta: H:\WINDOWS\system32\drivers\RtkHDAud.sys
| |_ Výrobca: Realtek Semiconductor Corp.
| |_ Popis: Realtek(r) High Definition Audio Function Driver
| |_ MD5: CBDDAB14249B2F05407FC09AB8FFFB88
|
|_ Meno: IntcAzAudAddService
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] LGDDCDevice
|_ Cesta: H:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 94B28885A72E127374CB113D13163B68
|
|_ Meno: LGDDCDevice
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ATK0110 ACPI UTILITY
|_ Cesta: H:\WINDOWS\system32\DRIVERS\ASACPI.sys
| |_ Výrobca:
| |_ Popis: ATK0110 ACPI Utility
| |_ MD5: D48659BB24C48345D926ECB45C1EBDF5
|
|_ Meno: MTsensor
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] mv61xx
|_ Cesta: H:\WINDOWS\system32\DRIVERS\mv61xx.sys
| |_ Výrobca: Marvell Semiconductor, Inc.
| |_ Popis: Marvell Thor and Odin Windows Driver
| |_ MD5: 86944F540289E16298AF4F5B1C45FA4E
|
|_ Meno: mv61xx
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] nv
|_ Cesta: H:\WINDOWS\system32\DRIVERS\nv4_mini.sys
| |_ Výrobca: NVIDIA Corporation
| |_ Popis: NVIDIA Compatible Windows 2000 Miniport Driver, Version 171.16
| |_ MD5: 0995E2780209C032A227E507AC4C86D2
|
|_ Meno: nv
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Direct Parallel Link Driver
|_ Cesta: H:\WINDOWS\system32\DRIVERS\ptilink.sys
| |_ Výrobca: Parallel Technologies, Inc.
| |_ Popis: Parallel Technologies DirectParallel IO Library
| |_ MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
|
|_ Meno: Ptilink
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Trek 310
|_ Cesta: H:\WINDOWS\system32\DRIVERS\snpstd2.sys
| |_ Výrobca:
| |_ Popis: PC Camera driver
| |_ MD5: 68071A3F784A31E9A386BD6F0A548F3B
|
|_ Meno: snpstd2
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] sptd
|_ Cesta: H:\WINDOWS\System32\Drivers\sptd.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: sptd
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] StyleXPHelper
|_ Cesta: H:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe
| |_ Výrobca: Windows (R) 2000 DDK provider
| |_ Popis: StyleXP
| |_ MD5: 7E40B43922B2896F40A5930AF7489C60
|
|_ Meno: StyleXPHelper
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:


lNetStat
================================================================
Typ PID Proces Lokální <-> Vzdálená Stav
-------------------------------------------------------------------------------------
TCP (1040) svchost.exe 0.0.0.0:135 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (2188) tarWindServiceAE.exe0.0.0.0:3260 LISTENING
TCP (2188) tarWindServiceAE.exe0.0.0.0:3261 LISTENING
TCP (1732) Apache.exe 0.0.0.0:8099 LISTENING
TCP (2616) alg.exe 127.0.0.1:1025 LISTENING
TCP (304) firefox.exe 127.0.0.1:1372 <-> 127.0.0.1:1373 ESTABLISHED
TCP (304) firefox.exe 127.0.0.1:1373 <-> 127.0.0.1:1372 ESTABLISHED
TCP (304) firefox.exe 127.0.0.1:1374 <-> 127.0.0.1:1375 ESTABLISHED
TCP (304) firefox.exe 127.0.0.1:1375 <-> 127.0.0.1:1374 ESTABLISHED
TCP (4) Systém 192.168.2.101:139 LISTENING
UDP (4) Systém 0.0.0.0:445 <-> 199.7.54.190:80 ESTABLISHED
UDP (804) lsass.exe 0.0.0.0:500
UDP (1296) svchost.exe 0.0.0.0:1034
UDP (1296) svchost.exe 0.0.0.0:1079
UDP (804) lsass.exe 0.0.0.0:4500
UDP (1152) svchost.exe 127.0.0.1:123
UDP (1364) svchost.exe 127.0.0.1:1900
UDP (1152) svchost.exe 192.168.2.101:123
UDP (4) Systém 192.168.2.101:137
UDP (4) Systém 192.168.2.101:138
UDP (1364) svchost.exe 192.168.2.101:1900

Moduly (Zobraz i DLL Microsoftu: False, Len bez výrobcu: True, Zobraz registrované: False)
================================================================
[?] imon.dll
|_ Cesta: H:\WINDOWS\system32\imon.dll
|_ MD5: 99F34C8575A8F222D48D275653E7C4ED
|_ Výrobca: Eset
|_ Procesy
|_ lsass.exe (804)
|_ svchost.exe (1040)
|_ svchost.exe (1152)
|_ svchost.exe (1296)
|_ svchost.exe (1364)
|_ Apache.exe (1732)
|_ nod32krn.exe (1772)
|_ Apache.exe (1860)
|_ StarWindServiceAE.exe (2188)
|_ alg.exe (2616)
|_ firefox.exe (304)
|_ upm.exe (4040)

[?] pr_imon.dll
|_ Cesta: H:\Program Files\ESET\pr_imon.dll
|_ MD5: BF47F2EF0C53DEE8D0CF9CF0B5F8D531
|_ Výrobca:
|_ Procesy
|_ lsass.exe (804)
|_ svchost.exe (1040)
|_ svchost.exe (1152)
|_ svchost.exe (1296)
|_ svchost.exe (1364)
|_ Apache.exe (1732)
|_ nod32krn.exe (1772)
|_ Apache.exe (1860)
|_ StarWindServiceAE.exe (2188)
|_ alg.exe (2616)
|_ nod32kui.exe (3612)
|_ firefox.exe (304)
|_ upm.exe (4040)

[?] lmablmpm.dll
|_ Cesta: H:\WINDOWS\system32\LMablmpm.dll
|_ MD5: 9AC5185955EEE477A9DFF5C535631514
|_ Výrobca:
|_ Procesy
|_ spoolsv.exe (1540)

[?] php5ts.dll
|_ Cesta: H:\WINDOWS\system32\php5ts.dll
|_ MD5: 4D8F0F900E47A58D9A0D9077C3171218
|_ Výrobca: The PHP Group
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] php_gettext.dll
|_ Cesta: H:\Program Files\Marvell\61xx\php\ext\php_gettext.dll
|_ MD5: F2E273B2171661A0D27B27FC3BF2009A
|_ Výrobca: The PHP Group
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] php_zraidapi.dll
|_ Cesta: H:\Program Files\Marvell\61xx\php\ext\php_zraidapi.dll
|_ MD5: 5B7B1D3085E1E056F024D23A924C0C07
|_ Výrobca: ZApps
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mv_api.dll
|_ Cesta: H:\WINDOWS\system32\mv_api.dll
|_ MD5: 33954DD884062D608E8EE798BF381231
|_ Výrobca: Marvell
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] zraidapi.dll
|_ Cesta: H:\WINDOWS\system32\zraidapi.dll
|_ MD5: 68E5EE18E441172AB123A5C3C6A60322
|_ Výrobca: ZApps
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] php5apache2_2.dll
|_ Cesta: H:\Program Files\Marvell\61xx\php\php5apache2_2.dll
|_ MD5: 775AD18BC7C01962A481288074C8E993
|_ Výrobca: The PHP Group
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] libapriconv-1.dll
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\bin\libapriconv-1.dll
|_ MD5: BC72ED2B86E05BBEFF97359DF7AC66C2
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] libaprutil-1.dll
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\bin\libaprutil-1.dll
|_ MD5: A241DD474D5C2EF06501855971273520
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] libapr-1.dll
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\bin\libapr-1.dll
|_ MD5: EDD2128B263B0DC41D5E39C5C5DDC371
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_authz_user.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_authz_user.so
|_ MD5: 116722F12B893B5C3752692AEE3C2962
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_authz_host.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_authz_host.so
|_ MD5: 5573027648F5B9787AEECEC94FF23457
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_authz_groupfile.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_authz_groupfile.so
|_ MD5: 1BD168AE5CDFC0E46604C3D82FF3B0E7
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_authz_default.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_authz_default.so
|_ MD5: 8F51424E0D354BC96B1A6DE9527293A3
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_authn_file.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_authn_file.so
|_ MD5: 43CB5099934CB931B93FCB61E27BBB15
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_authn_default.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_authn_default.so
|_ MD5: 25D7E6BE073BF3F13AFEC68DF721B7C7
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_userdir.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_userdir.so
|_ MD5: 31E8CAD4D71121275DE401C7239D8120
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_setenvif.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_setenvif.so
|_ MD5: CABE092D073854A1838AD9D362C3F003
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_negotiation.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_negotiation.so
|_ MD5: 724A6CC7A32F472411E2ED01B101E832
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_mime.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_mime.so
|_ MD5: 95CE895FF3BB40037DBDE13DE8152C60
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_log_config.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_log_config.so
|_ MD5: 1F5E2D2923689639C59453BC3B8002D8
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_isapi.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_isapi.so
|_ MD5: 63604471E2E26E5DF63B089A9632161C
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_include.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_include.so
|_ MD5: F6662D7120E1F863C4078D9E52942989
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_imagemap.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_imagemap.so
|_ MD5: E642199A36CFA4084381B76872EF513F
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_env.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_env.so
|_ MD5: 1B64E8589E4038630E0B4DE5DC832ECC
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_dir.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_dir.so
|_ MD5: C74564ADE46F99CBDBD67E408CA544A5
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_cgi.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_cgi.so
|_ MD5: 0CE36E1029B3189145E1637870DA48C9
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_autoindex.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_autoindex.so
|_ MD5: 84F5D8A2FF0AE2A7CD2240C219D2075B
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_asis.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_asis.so
|_ MD5: A2938A206D63D36F7BF6EE6E8D0C1407
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_alias.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_alias.so
|_ MD5: 7CF8E27B449B521A2FD84512FE9B7FD0
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_actions.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_actions.so
|_ MD5: 2B6AB3DFE24473BD061EEF0BC314C336
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] mod_auth_basic.so
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\modules\mod_auth_basic.so
|_ MD5: AC3710EFFF17DFF44597B5CB82060B6F
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] libhttpd.dll
|_ Cesta: H:\Program Files\Marvell\61xx\Apache2\bin\libhttpd.dll
|_ MD5: BD79C1004C81C09BFF1C22DCC5E3C816
|_ Výrobca: Apache Software Foundation
|_ Procesy
|_ Apache.exe (1732)
|_ Apache.exe (1860)

[?] nod32krr.dll
|_ Cesta: H:\Program Files\ESET\nod32krr.dll
|_ MD5: 3AE65077854EA96C9039F59F6ACBA4BA
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)

[?] ps_upd.dll
|_ Cesta: H:\Program Files\ESET\ps_upd.dll
|_ MD5: 841033E1277AB63E9D5E7C0860EB0297
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)

[?] pr_upd.dll
|_ Cesta: H:\Program Files\ESET\pr_upd.dll
|_ MD5: 9AB3344F2E5A638B3CF1923588D6F7B5
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1772)
|_ nod32kui.exe (3612)

[?] ps_amon.dll
|_ Cesta: H:\Program Files\ESET\ps_amon.dll
|_ MD5: 846826A744C1F09B77CE57F9323B33FD
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)

[?] pr_amon.dll
|_ Cesta: H:\Program Files\ESET\pr_amon.dll
|_ MD5: C3138D0400C37357D0D09921BB1CA74E
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)
|_ nod32kui.exe (3612)

[?] ps_nod32.dll
|_ Cesta: H:\Program Files\ESET\ps_nod32.dll
|_ MD5: 231624AFE8DBB23EA51DFB9DE2B65210
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)

[?] pr_nod32.dll
|_ Cesta: H:\Program Files\ESET\pr_nod32.dll
|_ MD5: 7FCE05AB1EFCA75AF5C360130EB5F4CB
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)
|_ explorer.exe (3292)
|_ nod32kui.exe (3612)

[?] ps_dmon.dll
|_ Cesta: H:\Program Files\ESET\ps_dmon.dll
|_ MD5: 4DAB3A374EECED54199042A7F5E4648F
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)

[?] pr_dmon.dll
|_ Cesta: H:\Program Files\ESET\pr_dmon.dll
|_ MD5: FFF8E5F9233E14AF37B9BA361F6D1655
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1772)
|_ nod32kui.exe (3612)

[?] ps_emon.dll
|_ Cesta: H:\Program Files\ESET\ps_emon.dll
|_ MD5: EEAF4C883E320D9A3A96E0737F04FF96
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1772)

[?] pr_emon.dll
|_ Cesta: H:\Program Files\ESET\pr_emon.dll
|_ MD5: 191801124222BC8DB7A716D246A14B6B
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1772)
|_ nod32kui.exe (3612)

[?] nvapi.dll
|_ Cesta: H:\WINDOWS\system32\nvapi.dll
|_ MD5: 04AA749A4FEC9F99BF770713E6F3F5D9
|_ Výrobca: NVIDIA Corporation
|_ Procesy
|_ nvsvc32.exe (1784)
|_ explorer.exe (3292)
|_ TBPANEL.exe (3472)
|_ Monitor.exe (3860)

[?] nbshell.dll
|_ Cesta: H:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
|_ MD5: C96ECBFA2E7ADAAB6952F32799781AE1
|_ Výrobca: Nero AG
|_ Procesy
|_ explorer.exe (3292)

[?] nodshex.dll
|_ Cesta: H:\Program Files\ESET\nodshex.dll
|_ MD5: 4F7255E5B2DC38EEED7C4D864B24760D
|_ Výrobca: Eset
|_ Procesy
|_ explorer.exe (3292)

[?] msvcr71.dll
|_ Cesta: H:\Program Files\Nero\Nero 7\Nero BackItUp\msvcr71.dll
|_ MD5: 86F1895AE8C5E8B17D99ECE768A70732
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ explorer.exe (3292)
|_ NMBgMonitor.exe (3720)
|_ NMIndexStoreSvr.exe (3832)
|_ wmplayer.exe (2772)

[?] icqliteshell.dll
|_ Cesta: H:\Program Files\ICQLite\ICQLiteShell.dll
|_ MD5: 273DDC2DA10A9FBAF59B4F0446B00246
|_ Výrobca: Copyright 2002
|_ Procesy
|_ explorer.exe (3292)

[?] cmdlineext.dll
|_ Cesta: H:\WINDOWS\system32\CmdLineExt.dll
|_ MD5: EA3E6A1B51CA1574C934E27157ED6099
|_ Výrobca: Sony DADC Austria AG.
|_ Procesy
|_ explorer.exe (3292)

[?] tbpanelext.dll
|_ Cesta: H:\Program Files\XpertVision\TBPanelExt.dll
|_ MD5: 8A02616D3F78E313725C9671B4AA2953
|_ Výrobca: Copyright 2006
|_ Procesy
|_ explorer.exe (3292)

[!] pashlext.dll
|_ Cesta: H:\Program Files\PowerArchiver\PASHLEXT.DLL
|_ MD5: D89FEF3EE9A1FCEB0715D00901D51B12
|_ Výrobca: ConeXware, Inc.
|_ Procesy
|_ explorer.exe (3292)

[?] contextmenu.dll
|_ Cesta: H:\Program Files\LG Soft India\forteManager\bin\ContextMenu.dll
|_ MD5: 10C8F568305A78DB718053C481CE7075
|_ Výrobca: Copyright 2006
|_ Procesy
|_ explorer.exe (3292)

[?] nvcpl.dll
|_ Cesta: H:\WINDOWS\system32\nvcpl.dll
|_ MD5: E645F5D0D91A4CBF7BB23EAA94AFE29B
|_ Výrobca: NVIDIA Corporation
|_ Procesy
|_ explorer.exe (3292)
|_ TBPANEL.exe (3472)

[?] nvshell.dll
|_ Cesta: H:\WINDOWS\system32\nvshell.dll
|_ MD5: 85432161E2966E5EB9AB94811837FACF
|_ Výrobca: ?
|_ Procesy
|_ explorer.exe (3292)

[?] kbddl32a.dll
|_ Cesta: H:\Program Files\Labtec\Keyboard\V5.1\KBDDL32A.DLL
|_ MD5: B5B833800B1FF77F982B5929166DF10A
|_ Výrobca: Copyright © 2003 By LEE,WEI-BIN.
|_ Procesy
|_ explorer.exe (3292)
|_ ButtonMonitor.exe (3440)
|_ KBDAP32A.EXE (3520)
|_ nod32kui.exe (3612)

[?] pu_nod32.dll
|_ Cesta: H:\Program Files\ESET\pu_nod32.dll
|_ MD5: B73F183DF44956A2210048E82DBB0D85
|_ Výrobca: Eset
|_ Procesy
|_ explorer.exe (3292)
|_ nod32kui.exe (3612)

[?] mfc71u.dll
|_ Cesta: H:\Program Files\Nero\Nero 7\Nero BackItUp\mfc71u.dll
|_ MD5: 7B93C623333F121DC9E689CCB1B7A733
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ explorer.exe (3292)

[?] msvcp71.dll
|_ Cesta: H:\Program Files\Nero\Nero 7\Nero BackItUp\msvcp71.dll
|_ MD5: 561FA2ABB31DFA8FAB762145F81667C2
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ explorer.exe (3292)
|_ NMBgMonitor.exe (3720)
|_ NMIndexStoreSvr.exe (3832)
|_ wmplayer.exe (2772)

[?] ainap.dll
|_ Cesta: H:\Program Files\ASUS\AI Suite\AiNap\AiNap.dll
|_ MD5: D7528BFF27EDBD897B5ED70856F76343
|_ Výrobca: ?
|_ Procesy
|_ AiNap.exe (3408)

[?] aigear.dll
|_ Cesta: H:\Program Files\ASUS\AI Suite\AiGear3\AiGear.dll
|_ MD5: 518D23B72971288EAA9314DFF1C56C12
|_ Výrobca: AsusTek Inc.
|_ Procesy
|_ CpuPowerMonitor.exe (3416)

[?] aasp.dll
|_ Cesta: H:\Program Files\ASUS\AASP\1.00.59\aasp.dll
|_ MD5: 72F7912E5A8E9BEB2E79B369F3481527
|_ Výrobca:
|_ Procesy
|_ PwSave.exe (3432)

[?] animationview.dll
|_ Cesta: H:\Program Files\ASUS\AI Suite\EnergySaving\AnimationView.dll
|_ MD5: DC7CE7313A0920059ECB0DA3E5CF4D44
|_ Výrobca:
|_ Procesy
|_ PwSave.exe (3432)

[?] gwlib.dll
|_ Cesta: H:\Program Files\XpertVision\GWLIB.DLL
|_ MD5: 532C0663E856D5923F7D369D7DC84E6C
|_ Výrobca: Gainward
|_ Procesy
|_ TBPANEL.exe (3472)

[?] tbmanage.dll
|_ Cesta: H:\Program Files\XpertVision\TBMANAGE.DLL
|_ MD5: ABC15D3BD68D48CA30124EAB016B71E0
|_ Výrobca:
|_ Procesy
|_ TBPANEL.exe (3472)

[?] nvmctray.dll
|_ Cesta: H:\WINDOWS\system32\nvmctray.dll
|_ MD5: 69290C55682CE2686A524B339017C29A
|_ Výrobca: NVIDIA Corporation
|_ Procesy
|_ rundll32.exe (3496)

[?] powerdll.dll
|_ Cesta: H:\Program Files\ASUS\AASP\1.00.59\PowerDll.dll
|_ MD5: 5BCCC840813C6D10062DCBB0C08A7394
|_ Výrobca:
|_ Procesy
|_ aaCenter.exe (3536)

[?] cpuutil.dll
|_ Cesta: H:\Program Files\ASUS\AASP\1.00.59\cpuutil.dll
|_ MD5: 06293528D04E9FA1A62D7F5613EFB239
|_ Výrobca:
|_ Procesy
|_ aaCenter.exe (3536)

[?] asio.dll
|_ Cesta: H:\WINDOWS\system32\AsIO.dll
|_ MD5: 212F87EE837B4E35E43A93BBFC44E7A7
|_ Výrobca: Copyright (C) 2004
|_ Procesy
|_ aaCenter.exe (3536)

[?] quicktime.qts
|_ Cesta: H:\WINDOWS\system32\QuickTime.qts
|_ MD5: 3F700EBFC389B700FD95B48FC0182E48
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimestreaming.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeStreaming.qtx
|_ MD5: 255A059C7F197820FF992A7625813BD8
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimeinternetextras.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeInternetExtras.qtx
|_ MD5: F7BC9AFE6F05A4F6C43520D376A12686
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimeauthoring.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeAuthoring.qtx
|_ MD5: 0040DE40FAA1D30A85FC41E40B699B0E
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimecapture.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeCapture.qtx
|_ MD5: F2B596CF8DC270117211A592B8C0F68F
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimeeffects.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeEffects.qtx
|_ MD5: 3B7C05C591B19E15760FFBD33B022991
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimeimage.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeImage.qtx
|_ MD5: 6CD236001CEF0F4DF35027B061A129F3
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimemusic.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeMusic.qtx
|_ MD5: 1850B6621523E527D346DB00BB50ED52
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimempeg.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeMPEG.qtx
|_ MD5: 9AE7B0BBE6F5BBB243B5504C10C18BA7
|_ Výrobca: Apple Computer, Inc
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimeessentials.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeEssentials.qtx
|_ MD5: 55847F5DB7D5D3ABB8520C54F7FD1085
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimempeg4.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeMPEG4.qtx
|_ MD5: E0B019199FE9AA12C8B1804EBBC41BF0
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimempeg4authoring.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeMPEG4Authoring.qtx
|_ MD5: 42A81A3AE978ADAC447385CAB7ABB191
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktime3gpp.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTime3GPP.qtx
|_ MD5: E157951D0FF4CA883B1C18981A0ECF9A
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimestreamingauthoring.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeStreamingAuthoring.qtx
|_ MD5: EB7D3A7C4DC38C43ACB651FCEDA82DCF
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] quicktimestreamingextras.qtx
|_ Cesta: H:\WINDOWS\system32\QuickTime\QuickTimeStreamingExtras.qtx
|_ MD5: F7A88671741007D077B09CD7C1BB5597
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ qttask.exe (3588)

[?] nod32rui.dll
|_ Cesta: H:\Program Files\ESET\nod32rui.dll
|_ MD5: B69DB9188DE6D269D37B45857A43EFC3
|_ Výrobca:
|_ Procesy
|_ nod32kui.exe (3612)

[?] pu_upd.dll
|_ Cesta: H:\Program Files\ESET\pu_upd.dll
|_ MD5: 088A7CFD4092C9B2760ABB942611F036
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (3612)

[?] pu_amon.dll
|_ Cesta: H:\Program Files\ESET\pu_amon.dll
|_ MD5: 6EA6C63932F4B8E4ACA91850A384FCBE
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (3612)

[?] pu_imon.dll
|_ Cesta: H:\Program Files\ESET\pu_imon.dll
|_ MD5: AD38132E9497FE74009981BBE1678C2C
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (3612)

[?] pu_dmon.dll
|_ Cesta: H:\Program Files\ESET\pu_dmon.dll
|_ MD5: AA3864DAB6B547FB7504DA5FB3BCA685
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (3612)

[?] pu_emon.dll
|_ Cesta: H:\Program Files\ESET\pu_emon.dll
|_ MD5: D7C18B4AD54090DCFEE616DB5C59743A
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (3612)

[?] nmindexstoresvrps.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll
|_ MD5: 0B6B642BC9E93C8E03D330ADB2A359B9
|_ Výrobca: Nero AG
|_ Procesy
|_ NMBgMonitor.exe (3720)
|_ NMIndexStoreSvr.exe (3832)

[?] nmdataservices.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll
|_ MD5: 26D7F50A7D8E4EF98D4502510F724C88
|_ Výrobca: Nero AG
|_ Procesy
|_ NMBgMonitor.exe (3720)
|_ NMIndexStoreSvr.exe (3832)

[?] advrcntr2.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll
|_ MD5: 4D3891E338393D35B8D082DB655E7043
|_ Výrobca: Nero AG
|_ Procesy
|_ NMBgMonitor.exe (3720)
|_ wmplayer.exe (2772)

[?] nmlogcxx.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll
|_ MD5: 0F659AB9B0FD81C0735648DD92FB3196
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] log4cxx.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\log4cxx.dll
|_ MD5: BA2F8E8AB6C96649D19F1E35DF7347A5
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] nmcofoundation.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMCoFoundation.dll
|_ MD5: 8B3C9995D97FB56549B90C3F599D4D83
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] nmpluginbase.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMPluginBase.dll
|_ MD5: 331DE752A0259B57D3648587B6C3EF15
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] nmfulltextextraction.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMFullTextExtraction.dll
|_ MD5: DDB4EF42C8030AAADC1D59D6718A0A7B
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] nmsearchpluginsimilarimages.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMSearchPluginSimilarImages.dll
|_ MD5: 560ED45B9C209FC0CDBE288218615FAF
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] neroipp.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NeroIPP.dll
|_ MD5: 7629C00F5E4442257C639D478B0D0AAE
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] nmsqldb.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\NMSQLDB.dll
|_ MD5: FA749A41E9584AE8E3C9E3B8BDFD0F28
|_ Výrobca: Nero AG
|_ Procesy
|_ NMIndexStoreSvr.exe (3832)

[?] errorhandler.dll
|_ Cesta: H:\Program Files\LG Soft India\forteManager\bin\ErrorHandler.dll
|_ MD5: 317EDB52622AE5F74C9D9AF77781943C
|_ Výrobca:
|_ Procesy
|_ Monitor.exe (3860)

[?] devicemanager.dll
|_ Cesta: H:\Program Files\LG Soft India\forteManager\bin\DeviceManager.dll
|_ MD5: 7E7A0F0AF7E7CEDA2E5295FEC159DDFC
|_ Výrobca:
|_ Procesy
|_ Monitor.exe (3860)

[?] protocolengine.dll
|_ Cesta: H:\Program Files\LG Soft India\forteManager\bin\ProtocolEngine.dll
|_ MD5: 2098CC8A08A1AE6D7892DE0E0F10DE02
|_ Výrobca:
|_ Procesy
|_ Monitor.exe (3860)

[?] acrhook.dll
|_ Cesta: H:\Program Files\LG Soft India\forteManager\bin\ACRHook.dll
|_ MD5: 1EB62ED0DDC3A28BA352E8C8F20114B6
|_ Výrobca:
|_ Procesy
|_ Monitor.exe (3860)

[?] shellmanager.dll
|_ Cesta: H:\Program Files\Common Files\Ahead\Lib\ShellManager.dll
|_ MD5: FED89105D52FCB6FE52727AA3F5CBACF
|_ Výrobca: Nero AG
|_ Procesy
|_ wmplayer.exe (2772)

[?] neroburnplugin.dll
|_ Cesta: H:\Program Files\Nero\Nero 7\Nero Fast CD-DVD Burning Plug-in\NeroBurnPlugin.dll
|_ MD5: 11F2D2785968E1365E9CDAFDF947C477
|_ Výrobca: Nero AG
|_ Procesy
|_ wmplayer.exe (2772)

[?] freebl3.dll
|_ Cesta: H:\Program Files\Mozilla Firefox\freebl3.dll
|_ MD5: B967979BDD38B12D34B6BFDB93843397
|_ Výrobca: Mozilla Foundation
|_ Procesy
|_ firefox.exe (304)

[?] softokn3.dll
|_ Cesta: H:\Program Files\Mozilla Firefox\softokn3.dll
|_ MD5: 9AAE6D084A4D17FCF3E9FCDEE95D7A29
|_ Výrobca: Mozilla Foundation
|_ Procesy
|_ firefox.exe (304)

[X] lde.dll
|_ Cesta: H:\Documents and Settings\Patrik Tokár\Plocha\LDE.dll
|_ MD5: 0F13A4173A599AAA15E3B270E5E27A7


_________________
OS: Microsoft Windows XP Professional- Service Pack 3
Monitor: LG 19", contrast 10 000:1, 5ms, 4:3, 1440x900
PC build: Intel Core 2Duo E8200, 2666MHz(9x296), Bios AMI, graphics NVIDIA GeForce 9600GT (512MB), Realtek HD Audio (speakers GENIUS 3600W, 5.1), HDD SAMSUNG 500GB SATA 2, optical drive TSSTcorp SH-202J Samsung blue ray, Atheros L1 gigabit 10/100/1000Base

Experienced user
Posted: 28.07.2008 22:41 | spyware

Run upm.exe -> Other tools (Dalsie nastroje) -> Startup (Po spusteni) -> delete these values:

[eqvwamkl]
[wnslvxtf]
[{AAA5ED69-49AD-454A-AED3-0C23B8C4E202}]


It doesn't look like anything is still running there. Also send a log from ComboFix (here) and from SysInspector (by e-mail).


User
Posted by the topic author: 28.07.2008 22:45 | spyware

deleted...
ok, if you tell me where I can find them, I'll gladly send them :)


Experienced user
Posted: 29.07.2008 0:23 | spyware

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

http://www.eset.sk/eset-sysinspector-new


User
Posted by the topic author: 29.07.2008 10:21 | spyware

ok, so VIRUS ALERT is still there even though I deleted what you told me to yesterday....

<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USERENV.dll" L="F" TR="N=4004" LINK="683" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\UxTheme.dll" L="F" TR="N=4004" LINK="685" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll" L="F" TR="N=4004" LINK="760" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\comctl32.dll" L="F" TR="N=4004" LINK="255" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NTMARTA.DLL" L="F" TR="N=4004" LINK="546" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WLDAP32.dll" L="F" TR="N=4004" LINK="727" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SAMLIB.dll" L="F" TR="N=4004" LINK="625" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\rpcss.dll" L="F" TR="N=4004" LINK="618" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2_32.dll" L="F" TR="N=4004" LINK="738" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2HELP.dll" L="F" TR="N=4004" LINK="739" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\Secur32.dll" L="F" TR="N=4004" LINK="634" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\xpsp2res.dll" L="F" TR="N=4004" LINK="756" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CLBCATQ.DLL" L="F" TR="N=4004" LINK="249" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\COMRes.dll" L="F" TR="N=4004" LINK="257" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\termsrv.dll" L="F" TR="N=4004" LINK="668" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ICAAPI.dll" L="F" TR="N=4004" LINK="443" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\SETUPAPI.dll" L="F" TR="N=4004" LINK="640" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINTRUST.dll" L="F" TR="N=4004" LINK="725" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CRYPT32.dll" L="F" TR="N=4004" LINK="260" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSASN1.dll" L="F" TR="N=4004" LINK="490" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\IMAGEHLP.dll" L="F" TR="N=4004" LINK="445" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\AUTHZ.dll" L="F" TR="N=4004" LINK="235" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\mstlsapi.dll" L="F" TR="N=4004" LINK="512" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ACTIVEDS.dll" L="F" TR="N=4004" LINK="222" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\adsldpc.dll" L="F" TR="N=4004" LINK="224" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NETAPI32.dll" L="F" TR="N=4004" LINK="529" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ATL.DLL" L="F" TR="N=4004" LINK="233" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\REGAPI.dll" L="F" TR="N=4004" LINK="613" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\rsaenh.dll" L="F" TR="N=4004" LINK="619" EVAL="1" F="1" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\Apphelp.dll" L="F" TR="N=4004" LINK="229" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WTSAPI32.dll" L="F" TR="N=4004" LINK="747" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINSTA.dll" L="F" TR="N=4004" LINK="724" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msv1_0.dll" L="F" TR="N=4004" LINK="514" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\iphlpapi.dll" L="F" TR="N=4004" LINK="452" EVAL="1" F="2" />
</NODE>
- <NODE NAME="Process" VALUE="svchost.exe (1044)" TR="N=4003" EXTRA="NT AUTHORITY\NetworkService" LINK="662" EVAL="5" F="2">
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\svchost.exe" L="F" TR="N=4004" LINK="662" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ntdll.dll" L="F" TR="N=4004" LINK="541" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\kernel32.dll" L="F" TR="N=4004" LINK="460" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ADVAPI32.dll" L="F" TR="N=4004" LINK="225" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\RPCRT4.dll" L="F" TR="N=4004" LINK="617" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ShimEng.dll" L="F" TR="N=4004" LINK="646" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\AppPatch\AcGenral.DLL" L="F" TR="N=4004" LINK="199" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USER32.dll" L="F" TR="N=4004" LINK="682" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\GDI32.dll" L="F" TR="N=4004" LINK="435" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINMM.dll" L="F" TR="N=4004" LINK="719" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ole32.dll" L="F" TR="N=4004" LINK="561" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msvcrt.dll" L="F" TR="N=4004" LINK="516" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\OLEAUT32.dll" L="F" TR="N=4004" LINK="563" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSACM32.dll" L="F" TR="N=4004" LINK="487" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\VERSION.dll" L="F" TR="N=4004" LINK="686" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHELL32.dll" L="F" TR="N=4004" LINK="644" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHLWAPI.dll" L="F" TR="N=4004" LINK="648" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USERENV.dll" L="F" TR="N=4004" LINK="683" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\UxTheme.dll" L="F" TR="N=4004" LINK="685" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll" L="F" TR="N=4004" LINK="760" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\comctl32.dll" L="F" TR="N=4004" LINK="255" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\rpcss.dll" L="F" TR="N=4004" LINK="618" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2_32.dll" L="F" TR="N=4004" LINK="738" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2HELP.dll" L="F" TR="N=4004" LINK="739" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\Secur32.dll" L="F" TR="N=4004" LINK="634" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\xpsp2res.dll" L="F" TR="N=4004" LINK="756" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\rsaenh.dll" L="F" TR="N=4004" LINK="619" EVAL="1" F="1" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\mswsock.dll" L="F" TR="N=4004" LINK="520" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\imon.dll" L="F" TR="N=4004" LINK="448" EVAL="5" F="512" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WSOCK32.dll" L="F" TR="N=4004" LINK="746" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\Program Files\Eset\pr_imon.dll" L="F" TR="N=4004" LINK="63" EVAL="5" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NTMARTA.DLL" L="F" TR="N=4004" LINK="546" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WLDAP32.dll" L="F" TR="N=4004" LINK="727" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SAMLIB.dll" L="F" TR="N=4004" LINK="625" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\hnetcfg.dll" L="F" TR="N=4004" LINK="441" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\wshtcpip.dll" L="F" TR="N=4004" LINK="744" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\DNSAPI.dll" L="F" TR="N=4004" LINK="284" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\iphlpapi.dll" L="F" TR="N=4004" LINK="452" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\winrnr.dll" L="F" TR="N=4004" LINK="720" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\rasadhlp.dll" L="F" TR="N=4004" LINK="602" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CLBCATQ.DLL" L="F" TR="N=4004" LINK="249" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\COMRes.dll" L="F" TR="N=4004" LINK="257" EVAL="1" F="2" />
</NODE>
- <NODE NAME="Process" VALUE="svchost.exe (1152)" TR="N=4003" EXTRA="NT AUTHORITY\SYSTEM" LINK="662" EVAL="5" F="2">
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\svchost.exe" L="F" TR="N=4004" LINK="662" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ntdll.dll" L="F" TR="N=4004" LINK="541" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\kernel32.dll" L="F" TR="N=4004" LINK="460" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ADVAPI32.dll" L="F" TR="N=4004" LINK="225" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\RPCRT4.dll" L="F" TR="N=4004" LINK="617" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\ShimEng.dll" L="F" TR="N=4004" LINK="646" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\AppPatch\AcGenral.DLL" L="F" TR="N=4004" LINK="199" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USER32.dll" L="F" TR="N=4004" LINK="682" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\GDI32.dll" L="F" TR="N=4004" LINK="435" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WINMM.dll" L="F" TR="N=4004" LINK="719" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ole32.dll" L="F" TR="N=4004" LINK="561" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msvcrt.dll" L="F" TR="N=4004" LINK="516" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\OLEAUT32.dll" L="F" TR="N=4004" LINK="563" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\MSACM32.dll" L="F" TR="N=4004" LINK="487" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\VERSION.dll" L="F" TR="N=4004" LINK="686" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHELL32.dll" L="F" TR="N=4004" LINK="644" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHLWAPI.dll" L="F" TR="N=4004" LINK="648" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USERENV.dll" L="F" TR="N=4004" LINK="683" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\UxTheme.dll" L="F" TR="N=4004" LINK="685" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll" L="F" TR="N=4004" LINK="760" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\comctl32.dll" L="F" TR="N=4004" LINK="255" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\NTMARTA.DLL" L="F" TR="N=4004" LINK="546" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WLDAP32.dll" L="F" TR="N=4004" LINK="727" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\SAMLIB.dll" L="F" TR="N=4004" LINK="625" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\xpsp2res.dll" L="F" TR="N=4004" LINK="756" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\shsvcs.dll" L="F" TR="N=4004" LINK="651" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WINSTA.dll" L="F" TR="N=4004" LINK="724" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NETAPI32.dll" L="F" TR="N=4004" LINK="529" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\dhcpcsvc.dll" L="F" TR="N=4004" LINK="279" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\DNSAPI.dll" L="F" TR="N=4004" LINK="284" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2_32.dll" L="F" TR="N=4004" LINK="738" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2HELP.dll" L="F" TR="N=4004" LINK="739" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\iphlpapi.dll" L="F" TR="N=4004" LINK="452" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\Secur32.dll" L="F" TR="N=4004" LINK="634" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\imon.dll" L="F" TR="N=4004" LINK="448" EVAL="5" F="512" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WSOCK32.dll" L="F" TR="N=4004" LINK="746" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\Program Files\Eset\pr_imon.dll" L="F" TR="N=4004" LINK="63" EVAL="5" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\mswsock.dll" L="F" TR="N=4004" LINK="520" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\hnetcfg.dll" L="F" TR="N=4004" LINK="441" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\wshtcpip.dll" L="F" TR="N=4004" LINK="744" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\wzcsvc.dll" L="F" TR="N=4004" LINK="754" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\rtutils.dll" L="F" TR="N=4004" LINK="623" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WMI.dll" L="F" TR="N=4004" LINK="730" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CRYPT32.dll" L="F" TR="N=4004" LINK="260" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSASN1.dll" L="F" TR="N=4004" LINK="490" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WTSAPI32.dll" L="F" TR="N=4004" LINK="747" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ESENT.dll" L="F" TR="N=4004" LINK="429" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ATL.DLL" L="F" TR="N=4004" LINK="233" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\rsaenh.dll" L="F" TR="N=4004" LINK="619" EVAL="1" F="1" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\CLBCATQ.DLL" L="F" TR="N=4004" LINK="249" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\COMRes.dll" L="F" TR="N=4004" LINK="257" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\rastls.dll" L="F" TR="N=4004" LINK="612" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CRYPTUI.dll" L="F" TR="N=4004" LINK="265" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINTRUST.dll" L="F" TR="N=4004" LINK="725" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\IMAGEHLP.dll" L="F" TR="N=4004" LINK="445" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WININET.dll" L="F" TR="N=4004" LINK="716" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\MPRAPI.dll" L="F" TR="N=4004" LINK="485" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\ACTIVEDS.dll" L="F" TR="N=4004" LINK="222" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\adsldpc.dll" L="F" TR="N=4004" LINK="224" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\SETUPAPI.dll" L="F" TR="N=4004" LINK="640" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\RASAPI32.dll" L="F" TR="N=4004" LINK="603" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\rasman.dll" L="F" TR="N=4004" LINK="607" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\TAPI32.dll" L="F" TR="N=4004" LINK="665" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\SCHANNEL.dll" L="F" TR="N=4004" LINK="630" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WinSCard.dll" L="F" TR="N=4004" LINK="721" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\raschap.dll" L="F" TR="N=4004" LINK="605" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msv1_0.dll" L="F" TR="N=4004" LINK="514" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\schedsvc.dll" L="F" TR="N=4004" LINK="631" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="


_________________
OS: Microsoft Windows XP Professional- Service Pack 3
Monitor: LG 19", contrast 10 000:1, 5ms, 4:3, 1440x900
PC build: Intel Core 2Duo E8200, 2666MHz(9x296), Bios AMI, graphics NVIDIA GeForce 9600GT (512MB), Realtek HD Audio (speakers GENIUS 3600W, 5.1), HDD SAMSUNG 500GB SATA 2, optical drive TSSTcorp SH-202J Samsung blue ray, Atheros L1 gigabit 10/100/1000Base
Offline

User

Registered: 27.07.08
Last login: 21.08.08
Posts: 38
Topics: 7 | 7
Location: Košice
Posted by topic author, Offline: 29.07.2008 10:22 | spyware

ok, so the VIRUS ALERT is still there even though I deleted what you told me to yesterday....

<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ShimEng.dll" L="F" TR="N=4004" LINK="646" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\AppPatch\AcGenral.DLL" L="F" TR="N=4004" LINK="199" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINMM.dll" L="F" TR="N=4004" LINK="719" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ole32.dll" L="F" TR="N=4004" LINK="561" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\OLEAUT32.dll" L="F" TR="N=4004" LINK="563" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSACM32.dll" L="F" TR="N=4004" LINK="487" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\VERSION.dll" L="F" TR="N=4004" LINK="686" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHELL32.dll" L="F" TR="N=4004" LINK="644" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHLWAPI.dll" L="F" TR="N=4004" LINK="648" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USERENV.dll" L="F" TR="N=4004" LINK="683" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\UxTheme.dll" L="F" TR="N=4004" LINK="685" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll" L="F" TR="N=4004" LINK="760" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\comctl32.dll" L="F" TR="N=4004" LINK="255" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msprivs.dll" L="F" TR="N=4004" LINK="509" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\kerberos.dll" L="F" TR="N=4004" LINK="459" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msv1_0.dll" L="F" TR="N=4004" LINK="514" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\iphlpapi.dll" L="F" TR="N=4004" LINK="452" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\netlogon.dll" L="F" TR="N=4004" LINK="532" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\w32time.dll" L="F" TR="N=4004" LINK="689" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSVCP60.dll" L="F" TR="N=4004" LINK="515" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\schannel.dll" L="F" TR="N=4004" LINK="630" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CRYPT32.dll" L="F" TR="N=4004" LINK="260" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\wdigest.dll" L="F" TR="N=4004" LINK="705" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\rsaenh.dll" L="F" TR="N=4004" LINK="619" EVAL="1" F="1" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\setupapi.dll" L="F" TR="N=4004" LINK="640" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\scecli.dll" L="F" TR="N=4004" LINK="628" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ipsecsvc.dll" L="F" TR="N=4004" LINK="455" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\AUTHZ.dll" L="F" TR="N=4004" LINK="235" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\oakley.DLL" L="F" TR="N=4004" LINK="557" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINIPSEC.DLL" L="F" TR="N=4004" LINK="717" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\imon.dll" L="F" TR="N=4004" LINK="448" EVAL="5" F="512" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WSOCK32.dll" L="F" TR="N=4004" LINK="746" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\Program Files\Eset\pr_imon.dll" L="F" TR="N=4004" LINK="63" EVAL="5" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NTMARTA.DLL" L="F" TR="N=4004" LINK="546" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\mswsock.dll" L="F" TR="N=4004" LINK="520" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\hnetcfg.dll" L="F" TR="N=4004" LINK="441" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\wshtcpip.dll" L="F" TR="N=4004" LINK="744" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\pstorsvc.dll" L="F" TR="N=4004" LINK="583" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\psbase.dll" L="F" TR="N=4004" LINK="582" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\dssenh.dll" L="F" TR="N=4004" LINK="424" EVAL="1" F="1" />
</NODE>
- <NODE NAME="Process" VALUE="svchost.exe (980)" TR="N=4003" EXTRA="NT AUTHORITY\SYSTEM" LINK="662" EVAL="1" F="2">
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\svchost.exe" L="F" TR="N=4004" LINK="662" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ntdll.dll" L="F" TR="N=4004" LINK="541" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\kernel32.dll" L="F" TR="N=4004" LINK="460" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ADVAPI32.dll" L="F" TR="N=4004" LINK="225" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\RPCRT4.dll" L="F" TR="N=4004" LINK="617" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ShimEng.dll" L="F" TR="N=4004" LINK="646" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\AppPatch\AcGenral.DLL" L="F" TR="N=4004" LINK="199" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USER32.dll" L="F" TR="N=4004" LINK="682" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\GDI32.dll" L="F" TR="N=4004" LINK="435" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINMM.dll" L="F" TR="N=4004" LINK="719" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ole32.dll" L="F" TR="N=4004" LINK="561" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msvcrt.dll" L="F" TR="N=4004" LINK="516" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\OLEAUT32.dll" L="F" TR="N=4004" LINK="563" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSACM32.dll" L="F" TR="N=4004" LINK="487" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\VERSION.dll" L="F" TR="N=4004" LINK="686" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHELL32.dll" L="F" TR="N=4004" LINK="644" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHLWAPI.dll" L="F" TR="N=4004" LINK="648" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USERENV.dll" L="F" TR="N=4004" LINK="683" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\UxTheme.dll" L="F" TR="N=4004" LINK="685" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll" L="F" TR="N=4004" LINK="760" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\comctl32.dll" L="F" TR="N=4004" LINK="255" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NTMARTA.DLL" L="F" TR="N=4004" LINK="546" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WLDAP32.dll" L="F" TR="N=4004" LINK="727" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SAMLIB.dll" L="F" TR="N=4004" LINK="625" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\rpcss.dll" L="F" TR="N=4004" LINK="618" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2_32.dll" L="F" TR="N=4004" LINK="738" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2HELP.dll" L="F" TR="N=4004" LINK="739" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\Secur32.dll" L="F" TR="N=4004" LINK="634" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\xpsp2res.dll" L="F" TR="N=4004" LINK="756" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CLBCATQ.DLL" L="F" TR="N=4004" LINK="249" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\COMRes.dll" L="F" TR="N=4004" LINK="257" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\termsrv.dll" L="F" TR="N=4004" LINK="668" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ICAAPI.dll" L="F" TR="N=4004" LINK="443" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\SETUPAPI.dll" L="F" TR="N=4004" LINK="640" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINTRUST.dll" L="F" TR="N=4004" LINK="725" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CRYPT32.dll" L="F" TR="N=4004" LINK="260" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSASN1.dll" L="F" TR="N=4004" LINK="490" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\IMAGEHLP.dll" L="F" TR="N=4004" LINK="445" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\AUTHZ.dll" L="F" TR="N=4004" LINK="235" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\mstlsapi.dll" L="F" TR="N=4004" LINK="512" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ACTIVEDS.dll" L="F" TR="N=4004" LINK="222" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\adsldpc.dll" L="F" TR="N=4004" LINK="224" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NETAPI32.dll" L="F" TR="N=4004" LINK="529" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ATL.DLL" L="F" TR="N=4004" LINK="233" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\REGAPI.dll" L="F" TR="N=4004" LINK="613" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\rsaenh.dll" L="F" TR="N=4004" LINK="619" EVAL="1" F="1" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\Apphelp.dll" L="F" TR="N=4004" LINK="229" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WTSAPI32.dll" L="F" TR="N=4004" LINK="747" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINSTA.dll" L="F" TR="N=4004" LINK="724" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msv1_0.dll" L="F" TR="N=4004" LINK="514" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\iphlpapi.dll" L="F" TR="N=4004" LINK="452" EVAL="1" F="2" />
</NODE>
- <NODE NAME="Process" VALUE="svchost.exe (1044)" TR="N=4003" EXTRA="NT AUTHORITY\NetworkService" LINK="662" EVAL="5" F="2">
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\svchost.exe" L="F" TR="N=4004" LINK="662" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ntdll.dll" L="F" TR="N=4004" LINK="541" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\kernel32.dll" L="F" TR="N=4004" LINK="460" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ADVAPI32.dll" L="F" TR="N=4004" LINK="225" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\RPCRT4.dll" L="F" TR="N=4004" LINK="617" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ShimEng.dll" L="F" TR="N=4004" LINK="646" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\AppPatch\AcGenral.DLL" L="F" TR="N=4004" LINK="199" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USER32.dll" L="F" TR="N=4004" LINK="682" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\GDI32.dll" L="F" TR="N=4004" LINK="435" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINMM.dll" L="F" TR="N=4004" LINK="719" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ole32.dll" L="F" TR="N=4004" LINK="561" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msvcrt.dll" L="F" TR="N=4004" LINK="516" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\OLEAUT32.dll" L="F" TR="N=4004" LINK="563" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSACM32.dll" L="F" TR="N=4004" LINK="487" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\VERSION.dll" L="F" TR="N=4004" LINK="686" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHELL32.dll" L="F" TR="N=4004" LINK="644" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHLWAPI.dll" L="F" TR="N=4004" LINK="648" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USERENV.dll" L="F" TR="N=4004" LINK="683" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\UxTheme.dll" L="F" TR="N=4004" LINK="685" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll" L="F" TR="N=4004" LINK="760" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\comctl32.dll" L="F" TR="N=4004" LINK="255" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\rpcss.dll" L="F" TR="N=4004" LINK="618" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2_32.dll" L="F" TR="N=4004" LINK="738" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2HELP.dll" L="F" TR="N=4004" LINK="739" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\Secur32.dll" L="F" TR="N=4004" LINK="634" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\xpsp2res.dll" L="F" TR="N=4004" LINK="756" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\rsaenh.dll" L="F" TR="N=4004" LINK="619" EVAL="1" F="1" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\mswsock.dll" L="F" TR="N=4004" LINK="520" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\imon.dll" L="F" TR="N=4004" LINK="448" EVAL="5" F="512" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WSOCK32.dll" L="F" TR="N=4004" LINK="746" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\Program Files\Eset\pr_imon.dll" L="F" TR="N=4004" LINK="63" EVAL="5" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NTMARTA.DLL" L="F" TR="N=4004" LINK="546" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WLDAP32.dll" L="F" TR="N=4004" LINK="727" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SAMLIB.dll" L="F" TR="N=4004" LINK="625" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\hnetcfg.dll" L="F" TR="N=4004" LINK="441" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\wshtcpip.dll" L="F" TR="N=4004" LINK="744" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\DNSAPI.dll" L="F" TR="N=4004" LINK="284" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\iphlpapi.dll" L="F" TR="N=4004" LINK="452" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\winrnr.dll" L="F" TR="N=4004" LINK="720" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\rasadhlp.dll" L="F" TR="N=4004" LINK="602" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CLBCATQ.DLL" L="F" TR="N=4004" LINK="249" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\COMRes.dll" L="F" TR="N=4004" LINK="257" EVAL="1" F="2" />
</NODE>
- <NODE NAME="Process" VALUE="svchost.exe (1152)" TR="N=4003" EXTRA="NT AUTHORITY\SYSTEM" LINK="662" EVAL="5" F="2">
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\svchost.exe" L="F" TR="N=4004" LINK="662" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ntdll.dll" L="F" TR="N=4004" LINK="541" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\kernel32.dll" L="F" TR="N=4004" LINK="460" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ADVAPI32.dll" L="F" TR="N=4004" LINK="225" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\RPCRT4.dll" L="F" TR="N=4004" LINK="617" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\ShimEng.dll" L="F" TR="N=4004" LINK="646" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\AppPatch\AcGenral.DLL" L="F" TR="N=4004" LINK="199" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USER32.dll" L="F" TR="N=4004" LINK="682" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\GDI32.dll" L="F" TR="N=4004" LINK="435" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WINMM.dll" L="F" TR="N=4004" LINK="719" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\ole32.dll" L="F" TR="N=4004" LINK="561" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msvcrt.dll" L="F" TR="N=4004" LINK="516" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\OLEAUT32.dll" L="F" TR="N=4004" LINK="563" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\MSACM32.dll" L="F" TR="N=4004" LINK="487" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\VERSION.dll" L="F" TR="N=4004" LINK="686" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHELL32.dll" L="F" TR="N=4004" LINK="644" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\SHLWAPI.dll" L="F" TR="N=4004" LINK="648" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\USERENV.dll" L="F" TR="N=4004" LINK="683" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\UxTheme.dll" L="F" TR="N=4004" LINK="685" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll" L="F" TR="N=4004" LINK="760" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\comctl32.dll" L="F" TR="N=4004" LINK="255" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\NTMARTA.DLL" L="F" TR="N=4004" LINK="546" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WLDAP32.dll" L="F" TR="N=4004" LINK="727" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\SAMLIB.dll" L="F" TR="N=4004" LINK="625" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\xpsp2res.dll" L="F" TR="N=4004" LINK="756" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\shsvcs.dll" L="F" TR="N=4004" LINK="651" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WINSTA.dll" L="F" TR="N=4004" LINK="724" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\NETAPI32.dll" L="F" TR="N=4004" LINK="529" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\dhcpcsvc.dll" L="F" TR="N=4004" LINK="279" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\DNSAPI.dll" L="F" TR="N=4004" LINK="284" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2_32.dll" L="F" TR="N=4004" LINK="738" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WS2HELP.dll" L="F" TR="N=4004" LINK="739" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\iphlpapi.dll" L="F" TR="N=4004" LINK="452" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\Secur32.dll" L="F" TR="N=4004" LINK="634" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\imon.dll" L="F" TR="N=4004" LINK="448" EVAL="5" F="512" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WSOCK32.dll" L="F" TR="N=4004" LINK="746" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\Program Files\Eset\pr_imon.dll" L="F" TR="N=4004" LINK="63" EVAL="5" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\mswsock.dll" L="F" TR="N=4004" LINK="520" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\hnetcfg.dll" L="F" TR="N=4004" LINK="441" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\wshtcpip.dll" L="F" TR="N=4004" LINK="744" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\wzcsvc.dll" L="F" TR="N=4004" LINK="754" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\rtutils.dll" L="F" TR="N=4004" LINK="623" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WMI.dll" L="F" TR="N=4004" LINK="730" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CRYPT32.dll" L="F" TR="N=4004" LINK="260" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\MSASN1.dll" L="F" TR="N=4004" LINK="490" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\WTSAPI32.dll" L="F" TR="N=4004" LINK="747" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ESENT.dll" L="F" TR="N=4004" LINK="429" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\ATL.DLL" L="F" TR="N=4004" LINK="233" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\rsaenh.dll" L="F" TR="N=4004" LINK="619" EVAL="1" F="1" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\CLBCATQ.DLL" L="F" TR="N=4004" LINK="249" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\COMRes.dll" L="F" TR="N=4004" LINK="257" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\rastls.dll" L="F" TR="N=4004" LINK="612" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\CRYPTUI.dll" L="F" TR="N=4004" LINK="265" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WINTRUST.dll" L="F" TR="N=4004" LINK="725" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\IMAGEHLP.dll" L="F" TR="N=4004" LINK="445" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\WININET.dll" L="F" TR="N=4004" LINK="716" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\MPRAPI.dll" L="F" TR="N=4004" LINK="485" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\ACTIVEDS.dll" L="F" TR="N=4004" LINK="222" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\adsldpc.dll" L="F" TR="N=4004" LINK="224" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\SETUPAPI.dll" L="F" TR="N=4004" LINK="640" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\RASAPI32.dll" L="F" TR="N=4004" LINK="603" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\rasman.dll" L="F" TR="N=4004" LINK="607" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\TAPI32.dll" L="F" TR="N=4004" LINK="665" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\SCHANNEL.dll" L="F" TR="N=4004" LINK="630" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\WinSCard.dll" L="F" TR="N=4004" LINK="721" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\System32\raschap.dll" L="F" TR="N=4004" LINK="605" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="H:\WINDOWS\system32\msv1_0.dll" L="F" TR="N=4004" LINK="514" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="h:\windows\system32\schedsvc.dll" L="F" TR="N=4004" LINK="631" EVAL="1" F="2" />
<NODE NAME="Module" VALUE="


_________________
OS: Microsoft Windows XP Professional- Service Pack 3
Monitor: LG 19", contrast 10 000:1, 5ms, 4:3, 1440x900
PC build: Intel Core 2Duo E8200, 2666MHz(9x296), Bios AMI, graphics NVIDIA GeForce 9600GT (512MB), Realtek HD Audio (speakers GENIUS 3600W, 5.1), HDD SAMSUNG 500GB SATA 2, optical drive TSSTcorp SH-202J Samsung blue ray, Atheros L1 gigabit 10/100/1000Base
© 2005 - 2017 PCforum, edited by JanoF