GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-07-21 09:44:18 Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\0000005b SAMSUNG_HD502IJ rev.1AA01113 Running: z3ghwrpc.exe; Driver: C:\DOCUME~1\Ja\USTAWI~1\Temp\pxtdypow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xB3CA1824] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xB3CA0DD0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xB3CA148A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateKey [0xB3CA2062] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xB3CA3C26] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xB3CA3FA4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0xB3CA07BC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteKey [0xB3CA1A10] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteValueKey [0xB3CA1C18] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0xB3CA05C2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateKey [0xB3CA2830] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateValueKey [0xB3CA2A86] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xB3CA3658] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xB3CA1098] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xB3CA1666] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenKey [0xB3CA2052] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenProcess [0xB3CA01F0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xB3CA1332] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenThread [0xB3CA03F4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryKey [0xB3CA2C94] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryMultipleValueKey [0xB3CA30E8] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryValueKey [0xB3CA2EA6] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xB3CA25C8] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xB3CA1E76] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xB3CA3944] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetValueKey [0xB3CA2330] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xB3CA1002] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xB3CA121E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0xB3CA0BD2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xB3CA09C0] ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9777360, 0x37192D, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\AGEIA Technologies\TrayIcon.exe[308] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[336] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\RUNDLL32.EXE[364] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[432] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[460] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\RTHDCPL.EXE[472] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\RTHDCPL.EXE[472] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[544] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 0077FC60 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[556] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\ctfmon.exe[600] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[600] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] wininet.dll!InternetConnectA 3FD0DEAE 5 Bytes JMP 1002A920 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] wininet.dll!InternetConnectW 3FD0F862 5 Bytes JMP 1002A900 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] shell32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] shell32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] shell32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] shell32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] WS2_32.dll!WSASocketW 71A5404E 2 Bytes JMP 1002A8C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[664] WS2_32.dll!WSASocketW + 3 71A54051 4 Bytes [5D, 9E, CC, CC] {POP EBP; SAHF ; INT 3 ; INT 3 } .text C:\Program Files\Skype\Phone\Skype.exe[664] WS2_32.dll!WSASocketA 71A58B6A 5 Bytes JMP 1002A8E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] SHELL32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] SHELL32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] SHELL32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[768] SHELL32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\csrss.exe[860] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 10001450 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\csrss.exe[860] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 100017F0 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\services.exe[932] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] RPCRT4.dll!RpcServerRegisterIfEx 77E8E05B 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[932] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\lsass.exe[944] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[944] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\System32\svchost.exe[1012] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1012] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\svchost.exe[1116] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] RPCRT4.dll!RpcServerRegisterIfEx 77E8E05B 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1116] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] RPCRT4.dll!RpcServerRegisterIfEx 77E8E05B 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1172] rpcss.dll!WhichService 76A63C84 8 Bytes JMP ED501001 .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Ja\Moje dokumenty\Downloads\z3ghwrpc.exe[1208] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1316] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 00533F00 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1316] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 0054D9A0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\svchost.exe[1348] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] RPCRT4.dll!RpcServerRegisterIfEx 77E8E05B 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1348] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\rundll32.exe[1416] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\rundll32.exe[1416] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[1468] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90F3FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90F46D .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90F59B .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 1E, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] SHELL32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] SHELL32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] SHELL32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1480] SHELL32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\svchost.exe[1496] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1496] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\svchost.exe[1572] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[1572] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\nvsvc32.exe[1616] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\nvsvc32.exe[1616] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\spoolsv.exe[1724] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1724] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\DOCUME~1\Ja\USTAWI~1\Temp\ose00000.exe[1824] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\Explorer.EXE[2044] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[2044] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] SHELL32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] SHELL32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] SHELL32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] SHELL32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] WS2_32.dll!WSASocketW 71A5404E 2 Bytes JMP 1002A8C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] WS2_32.dll!WSASocketW + 3 71A54051 4 Bytes [5D, 9E, CC, CC] {POP EBP; SAHF ; INT 3 ; INT 3 } .text C:\Program Files\Google\Chrome\Application\chrome.exe[2092] WS2_32.dll!WSASocketA 71A58B6A 5 Bytes JMP 1002A8E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 1C, 00] {SUB [EAX], AL; SBB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 1C, 00] {SUB [EBX], AL; SBB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 1C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 1C, 00] {TEST AL, 0x1; SBB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90F1FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 1C, 00] {TEST AL, 0x2; SBB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 1C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 1C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90F26D .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 1C, 00] {TEST AL, 0x0; SBB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90F39B .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 1C, 00] {SUB [ECX], AL; SBB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 1C, 00] {SUB [EDX], AL; SBB AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 1C, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] SHELL32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] SHELL32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] SHELL32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2280] SHELL32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe[2284] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B912AFC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B912B6D .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B912C9B .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] SHELL32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] SHELL32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] SHELL32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3088] SHELL32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\msiexec.exe[3104] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\msiexec.exe[3104] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\system32\svchost.exe[3644] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[3644] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\WINDOWS\System32\alg.exe[3664] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\alg.exe[3664] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] SHELL32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] SHELL32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] SHELL32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] SHELL32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtAllocateVirtualMemory 7C90CF50 5 Bytes JMP 1002ADA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtClose 7C90CFD0 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtClose + 3 7C90CFD3 2 Bytes [71, 93] {JNO 0xffffffffffffff95} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtCreateFile 7C90D090 5 Bytes JMP 1002AD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtCreateProcess 7C90D130 5 Bytes JMP 1002AE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtCreateProcessEx 7C90D140 5 Bytes JMP 1002AE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtDeleteFile 7C90D220 5 Bytes JMP 1002ADC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtFreeVirtualMemory 7C90D370 5 Bytes JMP 1002A430 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtLoadDriver 7C90D450 5 Bytes JMP 1002AD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenFile 7C90D580 5 Bytes JMP 1002AD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B912AFC .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B912B6D .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 1002A3E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B912C9B .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtReplyWaitReceivePort 7C90DA70 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA80 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtSetInformationProcess 7C90DC80 5 Bytes JMP 1002AD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtUnloadDriver 7C90DEA0 5 Bytes JMP 1002AD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 1002ADE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 7 Bytes JMP 1002A6F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!RtlAllocateHeap 7C9100A4 5 Bytes JMP 1002A480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ntdll.dll!LdrGetProcedureAddress 7C917E88 5 Bytes JMP 1002ACE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002AC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002A9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002AC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002AC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002AA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 1002ACC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 1002AA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!GetModuleHandleA 7C80B731 5 Bytes JMP 1002AA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!GetModuleHandleW 7C80E4CD 5 Bytes JMP 1002AA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 1002AC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!MoveFileWithProgressW 7C81F716 5 Bytes JMP 1002AAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!MoveFileW 7C821249 5 Bytes JMP 1002AB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!OpenFile 7C82196A 5 Bytes JMP 1002AC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CopyFileExW 7C827B1A 7 Bytes JMP 1002AB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CopyFileA 7C8286D6 5 Bytes JMP 1002ABE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CopyFileW 7C82F863 5 Bytes JMP 1002ABC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!DeleteFileA 7C831EC5 5 Bytes JMP 1002AAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!DeleteFileW 7C831F4B 5 Bytes JMP 1002AA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!MoveFileExW 7C835673 5 Bytes JMP 1002AB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!MoveFileA 7C835EA7 5 Bytes JMP 1002AB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!MoveFileWithProgressA 7C835EC6 5 Bytes JMP 1002AAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!MoveFileExA 7C85E3CB 5 Bytes JMP 1002AB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!CopyFileExA 7C85F2CC 5 Bytes JMP 1002ABA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 1002A9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] kernel32.dll!LoadModule 7C8624BE 5 Bytes JMP 1002ACA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ADVAPI32.dll!CreateProcessAsUserW 77DDA889 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] ADVAPI32.dll!CreateProcessAsUserA 77E00C80 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] GDI32.dll!GetPixel 77F1B73C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] GDI32.dll!CreateDCA 77F1B7C2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] GDI32.dll!CreateDCW 77F1BE28 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] SHELL32.dll!ShellExecuteExW 7CA02F03 5 Bytes JMP 1002A940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] SHELL32.dll!ShellExecuteEx 7CA40E25 5 Bytes JMP 1002A960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] SHELL32.dll!ShellExecuteA 7CA41150 5 Bytes JMP 1002A9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4084] SHELL32.dll!ShellExecuteW 7CAB5BF0 5 Bytes JMP 1002A980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [BA605750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [BA605820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [BA6057F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [BA6057B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [BA6057B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [BA605820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [BA605750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [BA6057F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [BA6057F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [BA6057B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [BA605820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [BA605750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [BA6057B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [BA6057F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [BA605750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [BA605820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [BA605750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [BA605820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [BA6057B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [BA6057F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [BA6057B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [BA605820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [BA605750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [BA6057B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [BA6057F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [BA605750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [BA605820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) ---- Files - GMER 1.0.15 ---- File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\951D7FDF-F161-4111-A1CB-AD4DF6FFD3A8.data 3903119 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\BE62929B-A543-4568-97B0-B5BD4D0F8E24.data.info 246 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\396B2CC4-7AEE-49F5-B5BA-711217C519EF.data 697856 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\396B2CC4-7AEE-49F5-B5BA-711217C519EF.data.info 108 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\4574CAEB-1B82-4D2B-BFD8-4A806E0751F2.data 2081792 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\4574CAEB-1B82-4D2B-BFD8-4A806E0751F2.data.info 246 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\511AAF08-0F3F-4B4D-9BB4-67F46C69FD6C.data 3914956 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\511AAF08-0F3F-4B4D-9BB4-67F46C69FD6C.data.info 298 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6097CF2C-3CD6-4974-B7FD-441B0632CD7A.data 109597 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6097CF2C-3CD6-4974-B7FD-441B0632CD7A.data.info 98 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\74D10C3F-4B80-43DC-AF53-8683AC6750F7.data 446976 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\74D10C3F-4B80-43DC-AF53-8683AC6750F7.data.info 210 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D7136CDE-91F4-4D0B-BE21-582E1B202107.data 98304 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D7136CDE-91F4-4D0B-BE21-582E1B202107.data.info 246 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FC61C9D8-3B60-4526-9501-8A1D8C2D793B.data 98304 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FC61C9D8-3B60-4526-9501-8A1D8C2D793B.data.info 246 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FD4D3E61-10B0-432C-BAE6-2457EECC6C92.data 3914956 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FD4D3E61-10B0-432C-BAE6-2457EECC6C92.data.info 298 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp 0 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\baseupd 0 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\951D7FDF-F161-4111-A1CB-AD4DF6FFD3A8.data.info 284 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\96739655-E4AF-4768-B3A9-67222B2C3B1E.data 15054665 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\96739655-E4AF-4768-B3A9-67222B2C3B1E.data.info 260 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\BAF83610-BB81-4A8B-8610-F460BBCABD04.data 1630208 bytes executable File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\BAF83610-BB81-4A8B-8610-F460BBCABD04.data.info 238 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\BE62929B-A543-4568-97B0-B5BD4D0F8E24.data 1464430 bytes executable ---- EOF - GMER 1.0.15 ----