Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zpomalene PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119515
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalene PC

#16 Příspěvek od Rudy »

OK. Ještě stáhněte, rozbalte a spusťte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Nechte pracovat a po skončení akce sem dejte log. Mám za to, že v MBR sektoru může být rootkit.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#17 Příspěvek od macc »

13:22:05.0734 5108 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
13:22:05.0828 5108 ============================================================
13:22:05.0828 5108 Current date / time: 2012/05/12 13:22:05.0828
13:22:05.0828 5108 SystemInfo:
13:22:05.0828 5108
13:22:05.0828 5108 OS Version: 5.1.2600 ServicePack: 3.0
13:22:05.0828 5108 Product type: Workstation
13:22:05.0828 5108 ComputerName: JA
13:22:05.0828 5108 UserName: dom
13:22:05.0828 5108 Windows directory: C:\WINDOWS
13:22:05.0828 5108 System windows directory: C:\WINDOWS
13:22:05.0828 5108 Processor architecture: Intel x86
13:22:05.0828 5108 Number of processors: 1
13:22:05.0828 5108 Page size: 0x1000
13:22:05.0828 5108 Boot type: Normal boot
13:22:05.0828 5108 ============================================================
13:22:06.0937 5108 Drive \Device\Harddisk0\DR0 - Size: 0x1BF286DE00 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x11B2C, SectorsPerTrack: 0x21, TracksPerCylinder: 0x62, Type 'K0', Flags 0x00000054
13:22:06.0953 5108 Drive \Device\Harddisk1\DR1 - Size: 0x3A38A25A00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
13:22:06.0984 5108 Drive \Device\Harddisk2\DR2 - Size: 0x7470C05C00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
13:22:06.0984 5108 ============================================================
13:22:06.0984 5108 \Device\Harddisk0\DR0:
13:22:06.0984 5108 MBR partitions:
13:22:07.0000 5108 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xCC4, BlocksNum 0x703BCBE
13:22:07.0015 5108 \Device\Harddisk1\DR1:
13:22:07.0015 5108 MBR partitions:
13:22:07.0015 5108 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
13:22:07.0015 5108 \Device\Harddisk2\DR2:
13:22:07.0015 5108 MBR partitions:
13:22:07.0015 5108 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8185947
13:22:07.0031 5108 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x81859C5, BlocksNum 0x321FF27C
13:22:07.0031 5108 ============================================================
13:22:07.0062 5108 C: <-> \Device\Harddisk2\DR2\Partition0
13:22:07.0078 5108 H: <-> \Device\Harddisk1\DR1\Partition0
13:22:07.0109 5108 E: <-> \Device\Harddisk0\DR0\Partition0
13:22:07.0125 5108 D: <-> \Device\Harddisk2\DR2\Partition1
13:22:07.0125 5108 ============================================================
13:22:07.0125 5108 Initialize success
13:22:07.0125 5108 ============================================================
13:22:09.0937 4380 ============================================================
13:22:09.0937 4380 Scan started
13:22:09.0937 4380 Mode: Manual;
13:22:09.0937 4380 ============================================================
13:22:10.0250 4380 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
13:22:10.0250 4380 !SASCORE - ok
13:22:10.0343 4380 Abiosdsk - ok
13:22:10.0343 4380 abp480n5 - ok
13:22:10.0406 4380 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:22:10.0406 4380 ACPI - ok
13:22:10.0437 4380 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:22:10.0453 4380 ACPIEC - ok
13:22:10.0500 4380 ADIHdAudAddService (23f78687cbf3972704650a799420bfa8) C:\WINDOWS\system32\drivers\ADIHdAud.sys
13:22:10.0515 4380 ADIHdAudAddService - ok
13:22:10.0562 4380 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:22:10.0562 4380 AdobeFlashPlayerUpdateSvc - ok
13:22:10.0578 4380 adpu160m - ok
13:22:10.0593 4380 AEADIFilters (4dc6b0772d1698f04fc79053a21c8260) C:\WINDOWS\system32\AEADISRV.EXE
13:22:10.0593 4380 AEADIFilters - ok
13:22:10.0609 4380 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:22:10.0625 4380 aec - ok
13:22:10.0640 4380 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
13:22:10.0656 4380 AFD - ok
13:22:10.0656 4380 Aha154x - ok
13:22:10.0671 4380 aic78u2 - ok
13:22:10.0687 4380 aic78xx - ok
13:22:10.0718 4380 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
13:22:10.0718 4380 ALG - ok
13:22:10.0734 4380 ALIEHCD (c4591fbadbe5244494c53dcebf217bb6) C:\WINDOWS\system32\Drivers\ALIEHCI.sys
13:22:10.0734 4380 ALIEHCD - ok
13:22:10.0750 4380 alihub (96dc7e3935bbfd4ee530151b72f9aa67) C:\WINDOWS\system32\DRIVERS\AliHub.sys
13:22:10.0750 4380 alihub - ok
13:22:10.0765 4380 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
13:22:10.0781 4380 AliIde - ok
13:22:10.0781 4380 aliroothub (8eb99ddd9217ea82f8b0a5a43b032781) C:\WINDOWS\system32\DRIVERS\AliRtHub.sys
13:22:10.0781 4380 aliroothub - ok
13:22:10.0843 4380 ALSysIO - ok
13:22:10.0875 4380 AmdK8 (99bd5596b5d06c2ead3cecc6f11999f5) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
13:22:10.0875 4380 AmdK8 - ok
13:22:10.0890 4380 amsint - ok
13:22:10.0953 4380 AntiLog32 (306fc4d34e68b5ea31f7d3cb6e0eacc2) C:\Program Files\AntiLogger\AntiLog32.sys
13:22:10.0953 4380 AntiLog32 - ok
13:22:10.0968 4380 ApfiltrService (b21fcbc58cb13bac70f74b5ac5da7409) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
13:22:10.0984 4380 ApfiltrService - ok
13:22:11.0015 4380 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
13:22:11.0015 4380 AppMgmt - ok
13:22:11.0046 4380 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:22:11.0046 4380 Arp1394 - ok
13:22:11.0046 4380 asc - ok
13:22:11.0062 4380 asc3350p - ok
13:22:11.0078 4380 asc3550 - ok
13:22:11.0156 4380 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:22:11.0156 4380 aspnet_state - ok
13:22:11.0187 4380 asusgsb (d320732bcf5ff856120bd06855c66867) C:\WINDOWS\system32\drivers\asusgsb.sys
13:22:11.0187 4380 asusgsb - ok
13:22:11.0218 4380 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:22:11.0218 4380 AsyncMac - ok
13:22:11.0250 4380 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:22:11.0265 4380 atapi - ok
13:22:11.0296 4380 Atdisk - ok
13:22:11.0296 4380 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:22:11.0296 4380 Atmarpc - ok
13:22:11.0328 4380 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
13:22:11.0328 4380 AudioSrv - ok
13:22:11.0359 4380 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:22:11.0359 4380 audstub - ok
13:22:11.0406 4380 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:22:11.0406 4380 Beep - ok
13:22:11.0578 4380 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120413.001\BHDrvx86.sys
13:22:11.0578 4380 BHDrvx86 - ok
13:22:11.0625 4380 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
13:22:11.0640 4380 BITS - ok
13:22:11.0703 4380 catchme - ok
13:22:11.0718 4380 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:22:11.0718 4380 cbidf2k - ok
13:22:11.0796 4380 cbVSCService (ed5411a69c5bac78d245c893af64352a) C:\Program Files\Cobian Backup 10\cbVSCService.exe
13:22:11.0796 4380 cbVSCService - ok
13:22:11.0828 4380 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:22:11.0828 4380 CCDECODE - ok
13:22:11.0906 4380 ccSet_NAV (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\NAV\1307000.009\ccSetx86.sys
13:22:11.0906 4380 ccSet_NAV - ok
13:22:11.0921 4380 cd20xrnt - ok
13:22:11.0953 4380 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:22:11.0953 4380 Cdaudio - ok
13:22:11.0968 4380 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:22:11.0968 4380 Cdfs - ok
13:22:12.0000 4380 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:22:12.0000 4380 Cdrom - ok
13:22:12.0015 4380 Changer - ok
13:22:12.0046 4380 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
13:22:12.0046 4380 CiSvc - ok
13:22:12.0078 4380 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
13:22:12.0078 4380 ClipSrv - ok
13:22:12.0156 4380 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:22:12.0156 4380 clr_optimization_v2.0.50727_32 - ok
13:22:12.0203 4380 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:22:12.0203 4380 clr_optimization_v4.0.30319_32 - ok
13:22:12.0328 4380 cmdAgent (907324001ae25ac5959c91eaa34cabae) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
13:22:12.0359 4380 cmdAgent - ok
13:22:12.0453 4380 cmdGuard (bee235831f8e3f0baaca18b39d285cf5) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
13:22:12.0468 4380 cmdGuard - ok
13:22:12.0500 4380 cmdHlp (de548946f36cab62fec2e6aa0149a619) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
13:22:12.0500 4380 cmdHlp - ok
13:22:12.0500 4380 CmdIde - ok
13:22:12.0515 4380 COMSysApp - ok
13:22:12.0546 4380 Cpqarray - ok
13:22:12.0578 4380 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
13:22:12.0578 4380 CryptSvc - ok
13:22:12.0578 4380 dac2w2k - ok
13:22:12.0593 4380 dac960nt - ok
13:22:12.0640 4380 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
13:22:12.0656 4380 DcomLaunch - ok
13:22:12.0687 4380 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
13:22:12.0687 4380 Dhcp - ok
13:22:12.0734 4380 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:22:12.0734 4380 Disk - ok
13:22:12.0750 4380 dmadmin - ok
13:22:12.0781 4380 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
13:22:12.0796 4380 dmboot - ok
13:22:12.0812 4380 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
13:22:12.0812 4380 dmio - ok
13:22:12.0875 4380 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:22:12.0875 4380 dmload - ok
13:22:12.0906 4380 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
13:22:12.0906 4380 dmserver - ok
13:22:12.0937 4380 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:22:12.0937 4380 DMusic - ok
13:22:12.0968 4380 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
13:22:12.0968 4380 Dnscache - ok
13:22:13.0000 4380 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
13:22:13.0000 4380 Dot3svc - ok
13:22:13.0015 4380 dpti2o - ok
13:22:13.0125 4380 DriveClone Network Client IBP (3058482e48d268a2606bff9b7ff5be08) C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe
13:22:13.0125 4380 DriveClone Network Client IBP - ok
13:22:13.0140 4380 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:22:13.0140 4380 drmkaud - ok
13:22:13.0187 4380 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
13:22:13.0187 4380 dtsoftbus01 - ok
13:22:13.0218 4380 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
13:22:13.0218 4380 EapHost - ok
13:22:13.0265 4380 EaseUS Agent (64585b1d85ff7566b99ced303a02f357) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
13:22:13.0265 4380 EaseUS Agent - ok
13:22:13.0312 4380 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:22:13.0328 4380 eeCtrl - ok
13:22:13.0343 4380 EIO (0daf3544804650526751c478aeccce63) C:\WINDOWS\system32\drivers\EIO.sys
13:22:13.0343 4380 EIO - ok
13:22:13.0359 4380 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:22:13.0375 4380 EraserUtilRebootDrv - ok
13:22:13.0390 4380 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
13:22:13.0390 4380 ERSvc - ok
13:22:13.0453 4380 EUBAKUP (40f272bc66a4692c4e5a07008b3c428d) C:\WINDOWS\system32\drivers\eubakup.sys
13:22:13.0453 4380 EUBAKUP - ok
13:22:13.0453 4380 EUBKMON (d6dd9e76f2d084292d3a032aa7ce9aec) C:\WINDOWS\system32\drivers\EUBKMON.sys
13:22:13.0468 4380 EUBKMON - ok
13:22:13.0484 4380 EUDSKACS (b5a6d8ffb1be1ea333c96f8788c6a909) C:\WINDOWS\system32\drivers\eudskacs.sys
13:22:13.0500 4380 EUDSKACS - ok
13:22:13.0515 4380 EUFDDISK (a67bf5bb59c6c15fab47c771dbe00c20) C:\WINDOWS\system32\drivers\EuFdDisk.sys
13:22:13.0515 4380 EUFDDISK - ok
13:22:13.0546 4380 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
13:22:13.0562 4380 Eventlog - ok
13:22:13.0578 4380 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\System32\es.dll
13:22:13.0578 4380 EventSystem - ok
13:22:13.0625 4380 FARMNTIO (5d4bf387faed15e832d5b575478a500c) c:\windows\system32\drivers\farmntio.sys
13:22:13.0625 4380 FARMNTIO - ok
13:22:13.0671 4380 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:22:13.0671 4380 Fastfat - ok
13:22:13.0703 4380 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:22:13.0703 4380 FastUserSwitchingCompatibility - ok
13:22:13.0734 4380 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:22:13.0734 4380 Fdc - ok
13:22:13.0750 4380 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
13:22:13.0750 4380 Fips - ok
13:22:13.0781 4380 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:22:13.0781 4380 Flpydisk - ok
13:22:13.0796 4380 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:22:13.0796 4380 FltMgr - ok
13:22:13.0890 4380 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:22:13.0890 4380 FontCache3.0.0.0 - ok
13:22:13.0921 4380 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:22:13.0921 4380 Fs_Rec - ok
13:22:13.0937 4380 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:22:13.0937 4380 Ftdisk - ok
13:22:13.0968 4380 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
13:22:13.0968 4380 gameenum - ok
13:22:13.0984 4380 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:22:13.0984 4380 Gpc - ok
13:22:14.0078 4380 Guard Agent (a6a4223573cfcf87843cfcb3a9c237c7) C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
13:22:14.0078 4380 Guard Agent - ok
13:22:14.0125 4380 HCDisk (1f6ddb5a612edc26c4c792c8947dd3e6) C:\WINDOWS\system32\drivers\HCDisk.sys
13:22:14.0140 4380 HCDisk - ok
13:22:14.0187 4380 HdAudAddService (f58d2900c66a1e773e3375098e0e9337) C:\WINDOWS\system32\drivers\HdAudio.sys
13:22:14.0187 4380 HdAudAddService - ok
13:22:14.0234 4380 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:22:14.0234 4380 HDAudBus - ok
13:22:14.0312 4380 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:22:14.0312 4380 helpsvc - ok
13:22:14.0343 4380 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
13:22:14.0343 4380 HidServ - ok
13:22:14.0375 4380 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:22:14.0375 4380 HidUsb - ok
13:22:14.0406 4380 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
13:22:14.0406 4380 hkmsvc - ok
13:22:14.0421 4380 hpn - ok
13:22:14.0453 4380 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:22:14.0468 4380 HTTP - ok
13:22:14.0484 4380 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
13:22:14.0484 4380 HTTPFilter - ok
13:22:14.0500 4380 i2omgmt - ok
13:22:14.0515 4380 i2omp - ok
13:22:14.0531 4380 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:22:14.0546 4380 i8042prt - ok
13:22:14.0593 4380 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:22:14.0593 4380 IDriverT - ok
13:22:16.0062 4380 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:22:16.0078 4380 idsvc - ok
13:22:16.0421 4380 IDSxpx86 (cfbc1ce72e5353d428704659199147b1) C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120427.001\IDSxpx86.sys
13:22:16.0437 4380 IDSxpx86 - ok
13:22:16.0703 4380 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:22:16.0703 4380 Imapi - ok
13:22:16.0812 4380 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
13:22:16.0812 4380 ImapiService - ok
13:22:16.0828 4380 ini910u - ok
13:22:16.0921 4380 Inspect (f89849cf13805ef49da64a8a63193af7) C:\WINDOWS\system32\DRIVERS\inspect.sys
13:22:16.0937 4380 Inspect - ok
13:22:16.0953 4380 IntelIde - ok
13:22:17.0000 4380 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:22:17.0000 4380 ip6fw - ok
13:22:17.0031 4380 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:22:17.0031 4380 IpFilterDriver - ok
13:22:17.0046 4380 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:22:17.0062 4380 IpInIp - ok
13:22:17.0140 4380 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:22:17.0140 4380 IpNat - ok
13:22:17.0203 4380 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:22:17.0203 4380 IPSec - ok
13:22:17.0250 4380 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:22:17.0250 4380 IRENUM - ok
13:22:17.0265 4380 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:22:17.0265 4380 isapnp - ok
13:22:17.0453 4380 JavaQuickStarterService (8c5c59e1921eca3607390a1f641556df) C:\Program Files\Java\jre7\bin\jqs.exe
13:22:17.0453 4380 JavaQuickStarterService - ok
13:22:17.0500 4380 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:22:17.0500 4380 Kbdclass - ok
13:22:17.0562 4380 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:22:17.0562 4380 kbdhid - ok
13:22:17.0640 4380 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:22:17.0640 4380 kmixer - ok
13:22:17.0703 4380 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:22:17.0703 4380 KSecDD - ok
13:22:17.0750 4380 L8042Kbd (3c342af6b920d37fd9155877af2b4b4e) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
13:22:17.0750 4380 L8042Kbd - ok
13:22:17.0781 4380 lbrtfdc - ok
13:22:17.0812 4380 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
13:22:17.0812 4380 LmHosts - ok
13:22:18.0031 4380 m5288 (485ed377977dc9661626aaab614504cf) C:\WINDOWS\system32\DRIVERS\m5288.sys
13:22:18.0031 4380 m5288 - ok
13:22:18.0093 4380 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:22:18.0093 4380 mnmdd - ok
13:22:18.0140 4380 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\System32\mnmsrvc.exe
13:22:18.0140 4380 mnmsrvc - ok
13:22:18.0296 4380 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
13:22:18.0296 4380 Modem - ok
13:22:18.0359 4380 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:22:18.0359 4380 Mouclass - ok
13:22:18.0375 4380 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:22:18.0375 4380 MountMgr - ok
13:22:18.0484 4380 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:22:18.0484 4380 MozillaMaintenance - ok
13:22:18.0500 4380 mraid35x - ok
13:22:18.0593 4380 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:22:18.0593 4380 MRxDAV - ok
13:22:18.0609 4380 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\System32\msdtc.exe
13:22:18.0609 4380 MSDTC - ok
13:22:18.0640 4380 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:22:18.0640 4380 Msfs - ok
13:22:18.0656 4380 MSIServer - ok
13:22:18.0671 4380 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:22:18.0671 4380 MSKSSRV - ok
13:22:18.0687 4380 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:22:18.0687 4380 MSPCLOCK - ok
13:22:18.0703 4380 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:22:18.0703 4380 MSPQM - ok
13:22:18.0734 4380 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:22:18.0734 4380 mssmbios - ok
13:22:18.0750 4380 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
13:22:18.0750 4380 MSTEE - ok
13:22:18.0781 4380 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
13:22:18.0781 4380 ms_mpu401 - ok
13:22:18.0812 4380 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
13:22:18.0812 4380 MTsensor - ok
13:22:18.0921 4380 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:22:18.0921 4380 Mup - ok
13:22:18.0968 4380 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:22:18.0968 4380 NABTSFEC - ok
13:22:19.0203 4380 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
13:22:19.0203 4380 napagent - ok
13:22:19.0406 4380 NAV (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe
13:22:19.0406 4380 NAV - ok
13:22:19.0593 4380 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120428.016\NAVENG.SYS
13:22:19.0609 4380 NAVENG - ok
13:22:20.0000 4380 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120428.016\NAVEX15.SYS
13:22:20.0062 4380 NAVEX15 - ok
13:22:20.0421 4380 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:22:20.0421 4380 NDIS - ok
13:22:20.0468 4380 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:22:20.0468 4380 NdisIP - ok
13:22:20.0531 4380 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:22:20.0531 4380 NdisTapi - ok
13:22:20.0546 4380 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:22:20.0546 4380 Ndisuio - ok
13:22:20.0640 4380 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:22:20.0656 4380 NdisWan - ok
13:22:20.0765 4380 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:22:20.0765 4380 NDProxy - ok
13:22:21.0078 4380 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:22:21.0078 4380 NetBT - ok
13:22:21.0140 4380 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:22:21.0140 4380 NetDDE - ok
13:22:21.0156 4380 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:22:21.0156 4380 NetDDEdsdm - ok
13:22:21.0234 4380 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
13:22:21.0250 4380 Netman - ok
13:22:21.0390 4380 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:22:21.0390 4380 NetTcpPortSharing - ok
13:22:21.0421 4380 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:22:21.0437 4380 NIC1394 - ok
13:22:21.0531 4380 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
13:22:21.0531 4380 Nla - ok
13:22:21.0578 4380 nmwcd (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\WINDOWS\system32\drivers\ccdcmb.sys
13:22:21.0578 4380 nmwcd - ok
13:22:21.0640 4380 nmwcdc (8f2a94f991f8c73cec26b4b5620d1edc) C:\WINDOWS\system32\drivers\ccdcmbo.sys
13:22:21.0640 4380 nmwcdc - ok
13:22:21.0687 4380 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:22:21.0687 4380 Npfs - ok
13:22:22.0312 4380 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:22:22.0312 4380 Ntfs - ok
13:22:22.0765 4380 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
13:22:22.0765 4380 NtmsSvc - ok
13:22:22.0843 4380 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:22:22.0843 4380 Null - ok
13:22:24.0359 4380 nv (062c16f3364c7706713282163586988e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:22:24.0500 4380 nv - ok
13:22:24.0609 4380 NVSvc (b2f5ac506c9b1103827b62ba18a2c514) C:\WINDOWS\system32\nvsvc32.exe
13:22:24.0609 4380 NVSvc - ok
13:22:24.0734 4380 nvUpdatusService (844a25c9e3076edef2b12e0beded755d) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:22:24.0812 4380 nvUpdatusService - ok
13:22:24.0875 4380 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:22:24.0875 4380 NwlnkFlt - ok
13:22:24.0906 4380 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:22:24.0906 4380 NwlnkFwd - ok
13:22:24.0953 4380 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:22:24.0953 4380 ohci1394 - ok
13:22:24.0984 4380 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
13:22:24.0984 4380 Parport - ok
13:22:25.0000 4380 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:22:25.0000 4380 PartMgr - ok
13:22:25.0015 4380 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
13:22:25.0015 4380 ParVdm - ok
13:22:25.0046 4380 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
13:22:25.0046 4380 pccsmcfd - ok
13:22:25.0062 4380 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
13:22:25.0062 4380 PCI - ok
13:22:25.0078 4380 PCIDump - ok
13:22:25.0093 4380 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:22:25.0093 4380 PCIIde - ok
13:22:25.0125 4380 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:22:25.0125 4380 Pcmcia - ok
13:22:25.0140 4380 PDCOMP - ok
13:22:25.0156 4380 PDFRAME - ok
13:22:25.0171 4380 PDRELI - ok
13:22:25.0187 4380 PDRFRAME - ok
13:22:25.0187 4380 perc2 - ok
13:22:25.0203 4380 perc2hib - ok
13:22:25.0265 4380 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
13:22:25.0281 4380 PlugPlay - ok
13:22:25.0296 4380 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:22:25.0296 4380 PolicyAgent - ok
13:22:25.0312 4380 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:22:25.0312 4380 PptpMiniport - ok
13:22:25.0343 4380 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
13:22:25.0343 4380 Processor - ok
13:22:25.0359 4380 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:22:25.0359 4380 ProtectedStorage - ok
13:22:25.0375 4380 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:22:25.0375 4380 Ptilink - ok
13:22:25.0390 4380 ql1080 - ok
13:22:25.0406 4380 Ql10wnt - ok
13:22:25.0421 4380 ql12160 - ok
13:22:25.0437 4380 ql1240 - ok
13:22:25.0437 4380 ql1280 - ok
13:22:25.0453 4380 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:22:25.0468 4380 RasAcd - ok
13:22:25.0484 4380 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
13:22:25.0484 4380 RasAuto - ok
13:22:25.0515 4380 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:22:25.0515 4380 Rasl2tp - ok
13:22:25.0546 4380 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
13:22:25.0546 4380 RasMan - ok
13:22:25.0562 4380 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:22:25.0562 4380 RasPppoe - ok
13:22:25.0578 4380 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:22:25.0578 4380 Raspti - ok
13:22:25.0593 4380 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:22:25.0593 4380 RDPCDD - ok
13:22:25.0625 4380 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:22:25.0625 4380 rdpdr - ok
13:22:25.0671 4380 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
13:22:25.0671 4380 RDPWD - ok
13:22:25.0703 4380 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
13:22:25.0703 4380 RDSessMgr - ok
13:22:25.0734 4380 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:22:25.0734 4380 redbook - ok
13:22:25.0765 4380 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
13:22:25.0765 4380 RemoteAccess - ok
13:22:25.0781 4380 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
13:22:25.0781 4380 RemoteRegistry - ok
13:22:25.0828 4380 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
13:22:25.0828 4380 RpcSs - ok
13:22:25.0859 4380 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
13:22:25.0875 4380 RSVP - ok
13:22:25.0890 4380 RTL8023xp (f7a8c9024e82534cec50613d87e88645) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
13:22:25.0890 4380 RTL8023xp - ok
13:22:25.0906 4380 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
13:22:25.0906 4380 rtl8139 - ok
13:22:25.0953 4380 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:22:25.0953 4380 SamSs - ok
13:22:26.0031 4380 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:22:26.0031 4380 SASDIFSV - ok
13:22:26.0046 4380 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:22:26.0062 4380 SASKUTIL - ok
13:22:26.0093 4380 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
13:22:26.0093 4380 SCardSvr - ok
13:22:26.0125 4380 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
13:22:26.0125 4380 Schedule - ok
13:22:26.0156 4380 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:22:26.0156 4380 Secdrv - ok
13:22:26.0187 4380 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
13:22:26.0187 4380 seclogon - ok
13:22:26.0234 4380 SenFiltService (eca77beeb2be8d573cf1b265e44fbfbd) C:\WINDOWS\system32\drivers\Senfilt.sys
13:22:26.0234 4380 SenFiltService - ok
13:22:26.0265 4380 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
13:22:26.0265 4380 SENS - ok
13:22:26.0312 4380 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:22:26.0312 4380 serenum - ok
13:22:26.0328 4380 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
13:22:26.0328 4380 Serial - ok
13:22:26.0375 4380 ServiceLayer (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:22:26.0390 4380 ServiceLayer - ok
13:22:26.0453 4380 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:22:26.0453 4380 Sfloppy - ok
13:22:26.0515 4380 SgtSch2Svc (8cb1b48f6f1e1e6375301808ff2be49f) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
13:22:26.0515 4380 SgtSch2Svc - ok
13:22:26.0546 4380 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
13:22:26.0562 4380 SharedAccess - ok
13:22:26.0578 4380 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:22:26.0578 4380 ShellHWDetection - ok
13:22:26.0593 4380 Simbad - ok
13:22:26.0625 4380 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
13:22:26.0625 4380 SkypeUpdate - ok
13:22:26.0671 4380 SLEE_17_DRIVER (eaca11d07d7e74d72b913089b75b1416) C:\WINDOWS\system32\drivers\Sleen17.sys
13:22:26.0671 4380 SLEE_17_DRIVER - ok
13:22:26.0671 4380 slicedisk.sys - ok
13:22:26.0703 4380 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:22:26.0703 4380 SLIP - ok
13:22:26.0750 4380 snapman (85bada660d57bc5aef52b11cabd6d8f9) C:\WINDOWS\system32\DRIVERS\snapman.sys
13:22:26.0750 4380 snapman - ok
13:22:26.0765 4380 Sparrow - ok
13:22:26.0796 4380 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:22:26.0796 4380 splitter - ok
13:22:26.0828 4380 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:22:26.0828 4380 Spooler - ok
13:22:26.0875 4380 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
13:22:26.0875 4380 sr - ok
13:22:26.0890 4380 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
13:22:26.0906 4380 srservice - ok
13:22:27.0000 4380 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\WINDOWS\System32\Drivers\NAV\1307000.009\SRTSP.SYS
13:22:27.0000 4380 SRTSP - ok
13:22:27.0015 4380 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\WINDOWS\system32\drivers\NAV\1307000.009\SRTSPX.SYS
13:22:27.0015 4380 SRTSPX - ok
13:22:27.0046 4380 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
13:22:27.0046 4380 SSDPSRV - ok
13:22:27.0078 4380 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
13:22:27.0078 4380 stisvc - ok
13:22:27.0218 4380 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:22:27.0218 4380 streamip - ok
13:22:27.0390 4380 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:22:27.0406 4380 swenum - ok
13:22:27.0421 4380 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:22:27.0437 4380 swmidi - ok
13:22:27.0437 4380 SwPrv - ok
13:22:27.0468 4380 symc810 - ok
13:22:27.0468 4380 symc8xx - ok
13:22:27.0531 4380 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NAV\1307000.009\SYMDS.SYS
13:22:27.0531 4380 SymDS - ok
13:22:27.0593 4380 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NAV\1307000.009\SYMEFA.SYS
13:22:27.0593 4380 SymEFA - ok
13:22:27.0640 4380 SymEvent (555fb450fe6908600310e990738b41d6) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
13:22:27.0640 4380 SymEvent - ok
13:22:27.0671 4380 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NAV\1307000.009\Ironx86.SYS
13:22:27.0671 4380 SymIRON - ok
13:22:27.0703 4380 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\NAV\1307000.009\SYMTDI.SYS
13:22:27.0703 4380 SYMTDI - ok
13:22:27.0718 4380 sym_hi - ok
13:22:27.0734 4380 sym_u3 - ok
13:22:27.0765 4380 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:22:27.0765 4380 sysaudio - ok
13:22:27.0796 4380 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
13:22:27.0796 4380 SysmonLog - ok
13:22:27.0828 4380 tap0901 (98a1e6bc9f766b0b0a5bf00af847ef20) C:\WINDOWS\system32\DRIVERS\tap0901.sys
13:22:27.0828 4380 tap0901 - ok
13:22:27.0859 4380 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
13:22:27.0859 4380 taphss - ok
13:22:27.0890 4380 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
13:22:27.0890 4380 TapiSrv - ok
13:22:27.0906 4380 tapoas (827c8058c284ff0013e4462efe2591a3) C:\WINDOWS\system32\DRIVERS\tapoas.sys
13:22:27.0906 4380 tapoas - ok
13:22:27.0953 4380 Tcpip (cbeebeb899e31ef52b962cb31fc8ca5c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:22:27.0953 4380 Tcpip - ok
13:22:27.0984 4380 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:22:27.0984 4380 TDPIPE - ok
13:22:28.0031 4380 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\WINDOWS\system32\DRIVERS\tdrpman.sys
13:22:28.0031 4380 tdrpman - ok
13:22:28.0062 4380 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:22:28.0062 4380 TDTCP - ok
13:22:28.0078 4380 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:22:28.0078 4380 TermDD - ok
13:22:28.0125 4380 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
13:22:28.0125 4380 TermService - ok
13:22:28.0421 4380 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:22:28.0421 4380 Themes - ok
13:22:28.0453 4380 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
13:22:28.0453 4380 tifsfilter - ok
13:22:28.0531 4380 timounter (a34d7024bb7140ec785c86bc065d4f60) C:\WINDOWS\system32\DRIVERS\timntr.sys
13:22:28.0531 4380 timounter - ok
13:22:28.0562 4380 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\System32\tlntsvr.exe
13:22:28.0562 4380 TlntSvr - ok
13:22:28.0578 4380 TosIde - ok
13:22:28.0609 4380 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
13:22:28.0609 4380 TrkWks - ok
13:22:28.0640 4380 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:22:28.0640 4380 Udfs - ok
13:22:28.0671 4380 UimBus (0a1822d12cf103633893caf9cae4e69d) C:\WINDOWS\system32\DRIVERS\UimBus.sys
13:22:28.0671 4380 UimBus - ok
13:22:28.0703 4380 Uim_IM (42f7398a76d279e0f63fc600920ab90c) C:\WINDOWS\system32\Drivers\Uim_IM.sys
13:22:28.0703 4380 Uim_IM - ok
13:22:28.0718 4380 Uim_Vim (48ad04132fcac71e0eec3de5fb22d66e) C:\WINDOWS\system32\Drivers\Uim_Vim.sys
13:22:28.0734 4380 Uim_Vim - ok
13:22:28.0750 4380 ultra - ok
13:22:28.0765 4380 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:22:28.0781 4380 Update - ok
13:22:28.0812 4380 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
13:22:28.0812 4380 upnphost - ok
13:22:28.0843 4380 upperdev (ec01da44b090d2651fc032c8b9257232) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
13:22:28.0843 4380 upperdev - ok
13:22:28.0859 4380 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
13:22:28.0875 4380 UPS - ok
13:22:28.0890 4380 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:22:28.0890 4380 usbccgp - ok
13:22:28.0921 4380 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:22:28.0921 4380 usbehci - ok
13:22:28.0953 4380 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:22:28.0953 4380 usbhub - ok
13:22:28.0968 4380 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:22:28.0968 4380 usbohci - ok
13:22:29.0015 4380 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:22:29.0015 4380 usbscan - ok
13:22:29.0031 4380 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
13:22:29.0031 4380 usbser - ok
13:22:29.0062 4380 UsbserFilt (4abd37cfbd710e64f01f9da8710c73f7) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
13:22:29.0062 4380 UsbserFilt - ok
13:22:29.0093 4380 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:22:29.0093 4380 usbstor - ok
13:22:29.0125 4380 VBoxNetAdp (226cd9e42be28a84ec56430fbb57224f) C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
13:22:29.0125 4380 VBoxNetAdp - ok
13:22:29.0140 4380 VBoxNetFlt - ok
13:22:29.0171 4380 VCSVADHWSer (b2abab4ca46bad182e27763dc19c780f) C:\WINDOWS\system32\DRIVERS\vcsvad.sys
13:22:29.0171 4380 VCSVADHWSer - ok
13:22:29.0203 4380 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:22:29.0218 4380 VgaSave - ok
13:22:29.0218 4380 ViaIde - ok
13:22:29.0234 4380 Video3D - ok
13:22:29.0328 4380 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
13:22:29.0328 4380 VolSnap - ok
13:22:29.0359 4380 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
13:22:29.0359 4380 VSS - ok
13:22:29.0390 4380 VVBackd5 (6609b7500dd575d8e0f3aff3dab2a5db) C:\WINDOWS\system32\drivers\VVBackd5.sys
13:22:29.0390 4380 VVBackd5 - ok
13:22:29.0421 4380 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
13:22:29.0421 4380 W32Time - ok
13:22:29.0468 4380 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:22:29.0468 4380 Wanarp - ok
13:22:29.0531 4380 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
13:22:29.0531 4380 Wdf01000 - ok
13:22:29.0546 4380 WDICA - ok
13:22:29.0578 4380 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:22:29.0578 4380 wdmaud - ok
13:22:29.0609 4380 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
13:22:29.0625 4380 WebClient - ok
13:22:29.0687 4380 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:22:29.0687 4380 winmgmt - ok
13:22:29.0734 4380 WmdmPmSN (6199b2ae3f9db9cb6db230471a1dc601) C:\WINDOWS\System32\mspmsnsv.dll
13:22:29.0750 4380 WmdmPmSN - ok
13:22:29.0796 4380 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
13:22:29.0796 4380 Wmi - ok
13:22:29.0843 4380 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
13:22:29.0859 4380 WmiApSrv - ok
13:22:29.0953 4380 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:22:29.0968 4380 WPFFontCache_v0400 - ok
13:22:30.0015 4380 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:22:30.0015 4380 WS2IFSL - ok
13:22:30.0062 4380 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
13:22:30.0062 4380 wscsvc - ok
13:22:30.0093 4380 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:22:30.0093 4380 WSTCODEC - ok
13:22:30.0109 4380 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
13:22:30.0109 4380 wuauserv - ok
13:22:30.0171 4380 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
13:22:30.0171 4380 WZCSVC - ok
13:22:30.0203 4380 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
13:22:30.0203 4380 xmlprov - ok
13:22:30.0250 4380 yukonwxp (87f126d0f8dc176b282924df0417075e) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
13:22:30.0250 4380 yukonwxp - ok
13:22:30.0312 4380 MBR (0x1B8) (c06575b18b90345ce86ab291b56db94d) \Device\Harddisk0\DR0
13:22:30.0359 4380 \Device\Harddisk0\DR0 - ok
13:22:30.0390 4380 MBR (0x1B8) (10ae9eb13951b8e206480773f877a330) \Device\Harddisk1\DR1
13:22:30.0390 4380 \Device\Harddisk1\DR1 - ok
13:22:30.0421 4380 MBR (0x1B8) (de83356bc6a0e023d03551d114adc73e) \Device\Harddisk2\DR2
13:22:30.0468 4380 \Device\Harddisk2\DR2 - ok
13:22:30.0500 4380 Boot (0x1200) (c888d988bb9f0fef3cb7f36283ce135d) \Device\Harddisk0\DR0\Partition0
13:22:30.0500 4380 \Device\Harddisk0\DR0\Partition0 - ok
13:22:30.0500 4380 Boot (0x1200) (1448eda2e10f3643549902c88c36c9d2) \Device\Harddisk1\DR1\Partition0
13:22:30.0500 4380 \Device\Harddisk1\DR1\Partition0 - ok
13:22:30.0515 4380 Boot (0x1200) (517775648974438e8574266eedf6b6ac) \Device\Harddisk2\DR2\Partition0
13:22:30.0515 4380 \Device\Harddisk2\DR2\Partition0 - ok
13:22:30.0531 4380 Boot (0x1200) (69b0278ebb080e0fac1ed5fbaf631a7a) \Device\Harddisk2\DR2\Partition1
13:22:30.0531 4380 \Device\Harddisk2\DR2\Partition1 - ok
13:22:30.0531 4380 ============================================================
13:22:30.0531 4380 Scan finished
13:22:30.0531 4380 ============================================================
13:22:30.0562 4504 Detected object count: 0
13:22:30.0562 4504 Actual detected object count: 0
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#18 Příspěvek od macc »

po combofixu už PC vypadá lépe
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119515
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalene PC

#19 Příspěvek od Rudy »

Ono mi v tom logu falíruje toto:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST350041 rev.CC46 -> Harddisk2\DR2 -> \Device\Scsi\m52881Port2Path0Target2Lun0
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
Podle toho by měl být MBR rootkit na 2. HDD, ale podle speciální utility je OK:
13:22:30.0515 4380 \Device\Harddisk2\DR2\Partition0 - ok
13:22:30.0531 4380 \Device\Harddisk2\DR2\Partition1 - ok
Poprosím ještě o jeden sken jinou utilitou. Stáhněte MBR: http://www2.gmer.net/mbr/mbr.exe a uložte na plochu. Potom start>spustit>(napsat) "%userprofile%\plocha\mbr" -t -s>OK. Log, který se objeví, sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#20 Příspěvek od macc »

jen to probliklo na monitoru,tak snad je to celý

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST350041 rev.CC46 -> Harddisk2\DR2 -> \Device\Scsi\m52881Port2Path0Target2Lun0

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll m5288.sys
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys
C:\WINDOWS\system32\drivers\m5288.sys ULi Electronics Inc. ULi SATA Controller Driver
1 ntkrnlpa!IofCallDriver[0x804EE140] -> \Device\Harddisk2\DR2[0x8AA50030]
3 CLASSPNP[0xB8108FD7] -> ntkrnlpa!IofCallDriver[0x804EE140] -> \Device\Scsi\m52881Port2Path0Target2Lun0[0x8AA5E570]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1a; MOV DI, 0x61a; PUSH DI; MOV CX, 0x1e6; REP MOVSB ; RET ; MOV SI, 0x7a8; CMP BYTE [SI+0x6], 0x77; JZ 0x36; MOV SI, 0x7be; }
user != kernel MBR !!!
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119515
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalene PC

#21 Příspěvek od Rudy »

Spusťte znovu stejným způsobem, jen s jiným parametrem:
start>spustit>(napsat) "%userprofile%\plocha\mbr" -f>OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#22 Příspěvek od macc »

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST350041 rev.CC46 -> Harddisk2\DR2 -> \Device\Scsi\m52881Port2Path0Target2Lun0

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119515
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalene PC

#23 Příspěvek od Rudy »

Ještě zkuste sken GMER: http://forum.viry.cz/viewtopic.php?f=29&t=62878 a dejte oba logy.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#24 Příspěvek od macc »

log.1

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-05-12 21:08:28
Windows 5.1.2600 Service Pack 3 Harddisk2\DR2 -> \Device\Scsi\m52881Port2Path0Target2Lun0 ST350041 rev.CC46
Running: gmer.exe; Driver: C:\DOCUME~1\dom\LOCALS~1\Temp\pgtdypow.sys


---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk2\DR2 sector 00: rootkit-like behavior

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateKey [0xB2424830]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateValueKey [0xB2424A86]

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- EOF - GMER 1.0.15 ----
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#25 Příspěvek od macc »

log.2
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-12 21:17:49
Windows 5.1.2600 Service Pack 3 Harddisk2\DR2 -> \Device\Scsi\m52881Port2Path0Target2Lun0 ST350041 rev.CC46
Running: gmer.exe; Driver: C:\DOCUME~1\dom\LOCALS~1\Temp\pgtdypow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xB2423824]
SSDT 89058200 ZwAlertResumeThread
SSDT 88FE30C0 ZwAlertThread
SSDT 89045F60 ZwAllocateVirtualMemory
SSDT 89012008 ZwAssignProcessToJobObject
SSDT 891DF6B8 ZwConnectPort
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwCreateFile [0xB1F0AC98]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xB22CFD40]
SSDT 88FFB170 ZwCreateMutant
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xB2425C26]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwCreateSymbolicLinkObject [0xB1F0B154]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwCreateThread [0xB1F0A48E]
SSDT 890480E8 ZwDebugActiveProcess
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwDeleteKey [0xB1F0AA86]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwDeleteValueKey [0xB1F0A958]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwDeviceIoControlFile [0xB1F0B1F2]
SSDT 89026128 ZwDuplicateObject
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateKey [0xB2424830]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateValueKey [0xB2424A86]
SSDT 8902C1D0 ZwFreeVirtualMemory
SSDT 88FFB008 ZwImpersonateAnonymousToken
SSDT 89058120 ZwImpersonateThread
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwLoadDriver [0xB1F0A2C4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xB2423098]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwMapViewOfSection [0xB1F0A066]
SSDT 88FFB090 ZwOpenEvent
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwOpenFile [0xB1F0AF7E]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwOpenKey [0xB1F0AC52]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwOpenProcess [0xB1F0A5BE]
SSDT 88FDAF48 ZwOpenProcessToken
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwOpenSection [0xB1F0A724]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwOpenThread [0xB1F0A66E]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwProtectVirtualMemory [0xB1F0B114]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryKey [0xB2424C94]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryMultipleValueKey [0xB24250E8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryValueKey [0xB2424EA6]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwQueueApcThread [0xB1F0A54C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xB24245C8]
SSDT 88FE31A0 ZwResumeThread
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwSecureConnectPort [0xB1F0B0AC]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwSetContextThread [0xB1F09FF6]
SSDT 8902A0F0 ZwSetInformationProcess
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xB2423E76]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwSetSystemInformation [0xB1F0A420]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwSetValueKey [0xB1F0AB52]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xB2423002]
SSDT 8902B1C8 ZwSuspendProcess
SSDT 89042060 ZwSuspendThread
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xB242321E]
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwTerminateProcess [0xB1F0A83E]
SSDT 89042140 ZwTerminateThread
SSDT 8902A1E0 ZwUnmapViewOfSection
SSDT \??\C:\Program Files\AntiLogger\AntiLog32.sys (Zemana AntiLogger Driver/Zemana Ltd.) ZwWriteVirtualMemory [0xB1F09ED2]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 23A8 80501BB8 12 Bytes [24, 38, 42, B2, 00, 82, 05, ...] {AND AL, 0x38; INC EDX; MOV DL, 0x0; ADD BYTE [0xfe30c089], -0x78}
.text ntkrnlpa.exe!ZwCallbackReturn + 2460 80501C70 4 Bytes [E8, 80, 04, 89]
.text ntkrnlpa.exe!ZwCallbackReturn + 2770 80501F80 12 Bytes [C8, B1, 02, 89, 60, 20, 04, ...] {ENTER 0x2b1, 0x89; PUSHA ; AND [ECX+ECX*4], AL; PUSH DS; XOR AL, [EDX-0x4e]}
? SYMDS.SYS Systém nemůže nalézt uvedený soubor. !
? SYMEFA.SYS Systém nemůže nalézt uvedený soubor. !
.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xB6AA63C0, 0x95B7EA, 0xE8000020]
? C:\DOCUME~1\dom\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\AEADISRV.EXE[452] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\AEADISRV.EXE[452] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\AEADISRV.EXE[452] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\System32\svchost.exe[476] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[476] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[532] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre7\bin\jqs.exe[540] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe[712] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\Explorer.EXE[788] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[788] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cobian Backup 10\cbVSCService.exe[812] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\csrss.exe[884] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 10001450 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\csrss.exe[884] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 100017F0 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\nvsvc32.exe[936] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\nvsvc32.exe[936] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\System32\svchost.exe[1100] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1100] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\services.exe[1132] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1132] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\lsass.exe[1144] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1144] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1344] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\fsloader.exe[1400] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1452] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1452] rpcss.dll!WhichService 76A74234 8 Bytes JMP ED501001
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 009BD080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [0B, 84]
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 009CBB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 009CB860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 009C7DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 009BD1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 009C4F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 009C5AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 009C8BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 009C8990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 009C9CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 009C9BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 009C3A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\FarStone\RestoreIT 7\IBP\VBPTask.exe[1564] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 009C4390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe[1584] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1592] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00533F00 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1592] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 0054D9A0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1648] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1648] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe[1720] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\System32\svchost.exe[1740] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\svchost.exe[1740] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1876] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] GDI32.dll!
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#26 Příspěvek od macc »

CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1876] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\spoolsv.exe[1996] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[1996] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2044] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Norton AntiVirus\Engine\19.7.0.9\ccSvcHst.exe[2072] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 0077FC60 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Apoint\Apoint.exe[2156] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apoint.exe[2156] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CopyFileExA 7C85F39C 1 Byte [E9]
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] WS2_32.dll!WSASocketW 71A9404E 2 Bytes JMP 1002A8C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Opera\opera.exe[2216] WS2_32.dll!WSASocketW + 3 71A94051 4 Bytes [59, 9E, CC, CC] {POP ECX; SAHF ; INT 3 ; INT 3 }
.text C:\Program Files\Opera\opera.exe[2216] WS2_32.dll!WSASocketA 71A98B6A 5 Bytes JMP 1002A8E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\ApMsgFwd.exe[2264] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\System32\alg.exe[2432] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\alg.exe[2432] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\AntiLogger\AntiLogger.exe[2564] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\system32\ctfmon.exe[2656] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2656] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Program Files\Apoint\Apntex.exe[2776] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Apoint\Apntex.exe[2776] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Documents and Settings\dom\Plocha\gmer\gmer.exe[3076] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[3848] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [B7C99750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [B7C99820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [B7C997F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [B7C997B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B7C997B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B7C99820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B7C99750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B7C997F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B7C997B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B7C997F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B7C99750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B7C99820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B7C99750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B7C99820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B7C997B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B7C997F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B7C997B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B7C99820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B7C99750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0065E500] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [0065E580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [0065E580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] [0065E580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!DeleteObject] [0065D2C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [0065E580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0065E500] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [0065D6C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [0065D750] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [0065D260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassA] [0065DBF0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassW] [0065DCB0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SystemParametersInfoW] [0065DEF0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [0065D580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [0065D620] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSystemMetrics] [0065DD70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!DeleteObject] [0065D2C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] [0065E580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0065E500] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [0065E030] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [0065D6C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSystemMetrics] [0065DD70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [0065D260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [0065D750] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!RegisterClassW] [0065DCB0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [0065D310] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!FillRect] [0065E170] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawFrameControl] [0065E240] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawEdge] [0065E1F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW] [0065DEF0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetScrollInfo] [0065D510] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [0065D580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetScrollInfo] [0065D400] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [GDI32.dll!DeleteObject] [0065D2C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0065E500] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SystemParametersInfoW] [0065DEF0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSystemMetrics] [0065DD70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSysColor] [0065D260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW] [0065D580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!RegisterClassW] [0065DCB0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] [0065D750] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0065E480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetSystemMetrics] [0065DD70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0065E610] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0065E440] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0065E500] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [0065DB60] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] [0065E580] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2084] @ C:\WINDOWS\system32\CRYPT32.dll [USER32.dll!GetSystemMetrics] [0065DD70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk2\DR2 sector 00: rootkit-like behavior

---- EOF - GMER 1.0.15 ----
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119515
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalene PC

#27 Příspěvek od Rudy »

Podle GMERu také čisto. Jak se nyní PC chová?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#28 Příspěvek od macc »

Neustále zamrzává,když na něco kliknu,tak čekám,než se coliv spustí.
Ale ted má dobrou chvilku a vypadá,že šlape.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119515
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalene PC

#29 Příspěvek od Rudy »

Zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
macc
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 13 dub 2011 18:28

Re: zpomalene PC

#30 Příspěvek od macc »

Po defragmentaci se PC zlepšilo,už funguje,ale občas se stejně na chvilku sekne
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“