GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-10-14 23:49:37 Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 TOSHIBA_MK1246GSX rev.LB213J Running: xst5i28k.exe; Driver: C:\Users\Kamila\AppData\Local\Temp\uwdiipod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8C395C14] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8C3971C4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8C395E00] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8C394F40] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8C39587A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8C394E1C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8C395626] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8C396E54] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8C394808] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8C396864] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8C395208] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8C395A56] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8C3954AC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8C3962FC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8C3965B0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8C396B5C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8C395172] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8C395398] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8C394C1E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8C394A0C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8C395F10] INT 0x52 ? 8447ABF8 INT 0x62 ? 8447ABF8 INT 0x72 ? 8447ABF8 INT 0x92 ? 85DC8BF8 INT 0x93 ? 85DC8BF8 INT 0xA3 ? 85DC8BF8 INT 0xB3 ? 85DC8BF8 ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetTimerEx + 34C 822BA970 4 Bytes [14, 5C, 39, 8C] .text ntkrnlpa.exe!KeSetTimerEx + 370 822BA994 8 Bytes [C4, 71, 39, 8C, 00, 5E, 39, ...] .text ntkrnlpa.exe!KeSetTimerEx + 3F4 822BAA18 4 Bytes [40, 4F, 39, 8C] .text ntkrnlpa.exe!KeSetTimerEx + 40C 822BAA30 4 Bytes [7A, 58, 39, 8C] .text ntkrnlpa.exe!KeSetTimerEx + 438 822BAA5C 2 Bytes [1C, 4E] {SBB AL, 0x4e} .text ... ? System32\Drivers\spwb.sys System nie może odnaleźć określonej ścieżki. ! .text USBPORT.SYS!DllUnload 8BCF146F 5 Bytes JMP 85DC81D8 ---- User code sections - GMER 1.0.15 ---- .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] WININET.dll!InternetConnectA 762ADEAE 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] WININET.dll!InternetConnectW 762AF862 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[296] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] KERNEL32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[308] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[596] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[640] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[652] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[660] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] KERNEL32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eNet\eNet Service.exe[752] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[860] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[920] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[960] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 0050ED30 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[960] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 005266C0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!KiUserExceptionDispatcher 77849648 5 Bytes JMP 1002C750 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!SetWindowsHookExW 76457B69 5 Bytes JMP 6DCB9A91 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!CallNextHookEx 76458C33 5 Bytes JMP 6DCAD0CD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!DialogBoxIndirectParamW 7645BD25 1 Byte [E9] .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!DialogBoxIndirectParamW 7645BD25 5 Bytes JMP 6DDB5329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!CreateWindowExW 76463D67 5 Bytes JMP 6DCBDB04 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!DialogBoxParamW 76471FD5 5 Bytes JMP 6DBE54C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!UnhookWindowsHookEx 764808BE 5 Bytes JMP 6DC2466E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!DialogBoxParamA 764980B2 5 Bytes JMP 6DDB52C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!DialogBoxIndirectParamA 764983DD 5 Bytes JMP 6DDB538C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!MessageBoxIndirectA 764AD471 5 Bytes JMP 6DDB525B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!MessageBoxIndirectW 764AD56B 5 Bytes JMP 6DDB51F0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!MessageBoxExA 764AD5D1 5 Bytes JMP 6DDB518E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] USER32.dll!MessageBoxExW 764AD5F5 5 Bytes JMP 6DDB512C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ole32.dll!OleLoadFromStream 75EB9794 5 Bytes JMP 6DDB5691 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ole32.dll!CoCreateInstance 75EEE2D8 5 Bytes JMP 6DCBDB60 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[996] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] WININET.dll!InternetConnectA 762ADEAE 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[996] WININET.dll!InternetConnectW 762AF862 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1040] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] WININET.dll!InternetConnectA 762ADEAE 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1080] WININET.dll!InternetConnectW 762AF862 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 0091A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 0090CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 0091CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 0091CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 0090CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 0091CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 0091CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 0091CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 0091CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 0091C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 0091CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 0091CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 0091C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 0091CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 0091CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 0091CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 0091C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 00917790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 00918320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 0091CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 0091CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!OpenFile 77513569 5 Bytes JMP 0091CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 0091CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 0091CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 0091CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 0091CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 0091CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 0091CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 0091CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 0091CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 0091CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 0091CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 0091CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 0091CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 0091CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 0091CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 0091CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 0091CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 0091CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 0091CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 0091CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 0091CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!WinExec 775A580B 5 Bytes JMP 0091CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 0091CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 0091E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 0091D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 009162C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 0091D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 0091DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 00916BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 0091DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 0091C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 0091C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 0091C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 0091CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 0091E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe[1236] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 0091E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1248] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1272] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] WinInet.dll!InternetConnectA 762ADEAE 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1340] WinInet.dll!InternetConnectW 762AF862 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1484] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe[1536] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1740] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1764] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WLANExt.exe[1776] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] KERNEL32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Mobility Center\MobilityService.exe[1860] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] WININET.dll!InternetConnectA 762ADEAE 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] WININET.dll!InternetConnectW 762AF862 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe[2004] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe[2016] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\servicing\TrustedInstaller.exe[2076] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2196] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2244] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2260] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2316] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2348] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2404] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2460] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] KERNEL32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[2536] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[2648] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2708] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2732] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2764] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\DRIVERS\xaudio.exe[2796] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] KERNEL32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2816] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] KERNEL32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2904] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wuauclt.exe[3072] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3088] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 0168A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 0167CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 0168CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 0168CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 0167CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 0168CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 0168CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 0168CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 0168CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 0168C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 0168CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 0168CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 0168C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 0168CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 0168CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 0168CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 0168C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 01687790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 01688320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 0168CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 0168CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!OpenFile 77513569 5 Bytes JMP 0168CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 0168CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 0168CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 0168CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 0168CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 0168CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 0168CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 0168CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 0168CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 0168CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 0168CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 0168CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 0168CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 0168CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 0168CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 0168CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 0168CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 0168CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 0168CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 0168CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 0168CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!WinExec 775A580B 5 Bytes JMP 0168CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 0168CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 0168E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 0168D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 016862C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 0168D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 0168DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 01686BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 0168DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 0168C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 0168C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 0168C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 0168CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 0168E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3132] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 0168E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 0429A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 0428CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 0429CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 0429CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 0428CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 0429CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 0429CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 0429CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 0429CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 0429C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 0429CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 0429CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 0429C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 0429CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 0429CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 0429CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 0429C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 04297790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 04298320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 0429CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 0429CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!OpenFile 77513569 5 Bytes JMP 0429CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 0429CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 0429CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 0429CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 0429CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 0429CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 0429CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 0429CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 0429CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 0429CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 0429CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 0429CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 0429CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 0429CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 0429CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 0429CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 0429CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 0429CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 0429CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 0429CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 0429CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!WinExec 775A580B 5 Bytes JMP 0429CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 0429CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 0429E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 0429D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 042962C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 0429D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 0429DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 04296BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 0429DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 0429E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 0429E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 0429C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 0429C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 0429C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 0429CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 0429C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 0429C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] WININET.dll!InternetConnectA 762ADEAE 5 Bytes JMP 0429C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Gadu-Gadu 10\gg.exe[3184] WININET.dll!InternetConnectW 762AF862 5 Bytes JMP 0429C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!KiUserExceptionDispatcher 77849648 5 Bytes JMP 1002C750 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!DialogBoxIndirectParamW 7645BD25 1 Byte [E9] .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!DialogBoxIndirectParamW 7645BD25 5 Bytes JMP 6DDB5329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!CreateWindowExW 76463D67 5 Bytes JMP 6DCBDB04 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!DialogBoxParamW 76471FD5 5 Bytes JMP 6DBE54C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!DialogBoxParamA 764980B2 5 Bytes JMP 6DDB52C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!DialogBoxIndirectParamA 764983DD 5 Bytes JMP 6DDB538C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!MessageBoxIndirectA 764AD471 5 Bytes JMP 6DDB525B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!MessageBoxIndirectW 764AD56B 5 Bytes JMP 6DDB51F0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!MessageBoxExA 764AD5D1 5 Bytes JMP 6DDB518E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] USER32.dll!MessageBoxExW 764AD5F5 5 Bytes JMP 6DDB512C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] WININET.dll!InternetConnectA 762ADEAE 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Internet Explorer\iexplore.exe[3220] WININET.dll!InternetConnectW 762AF862 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 003DA630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 003CCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 003DCD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 003DCE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 003CCD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 003DCDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 003DCE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 003DCE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 003DCE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 003DC490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 003DCDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 003DCDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 003DC440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 003DCD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 003DCD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 003DCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 003DC4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 003D7790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 003D8320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 003DCA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 003DCBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!OpenFile 77513569 5 Bytes JMP 003DCCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 003DCB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 003DCC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 003DCBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 003DCBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 003DCAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 003DCB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 003DCB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 003DCB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 003DCCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 003DCA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 003DCCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 003DCA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 003DCD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 003DCAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 003DCAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 003DCC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 003DCC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 003DCB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 003DCC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 003DCC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!WinExec 775A580B 5 Bytes JMP 003DCA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 003DCD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 003DE3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 003DD590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 003D62C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 003DD830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 003DDAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 003D6BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 003DDD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 003DC9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 003DC9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 003DC9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 003DCA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 003DE600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3396] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 003DE840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!KiUserExceptionDispatcher 77849648 5 Bytes JMP 1002C750 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] wininet.dll!InternetConnectA 762ADEAE 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] wininet.dll!InternetConnectW 762AF862 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Skype\Phone\Skype.exe[3436] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[3444] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 01BEA630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 01BDCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 01BECD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 01BECE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 01BDCD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 01BECDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 01BECE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 01BECE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 01BECE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 01BEC490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 01BECDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 01BECDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 01BEC440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 01BECD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 01BECD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 01BECE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 01BEC4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 01BE7790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 01BE8320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 01BECA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 01BECBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!OpenFile 77513569 5 Bytes JMP 01BECCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 01BECB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 01BECC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 01BECBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 01BECBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 01BECAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 01BECB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 01BECB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 01BECB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 01BECCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 01BECA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 01BECCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 01BECA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 01BECD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 01BECAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 01BECAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 01BECC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 01BECC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 01BECB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 01BECC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 01BECC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!WinExec 775A580B 5 Bytes JMP 01BECA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 01BECD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 01BED590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 01BE62C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 01BED830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 01BEDAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 01BE6BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 01BEDD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 01BEE3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 01BEC9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 01BEC9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 01BEC9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 01BECA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 01BEE600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 01BEE840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] WININET.dll!InternetConnectA 762ADEAE 5 Bytes JMP 01BEC980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] WININET.dll!InternetConnectW 762AF862 5 Bytes JMP 01BEC960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 01BEC920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[3512] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 01BEC940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] WS2_32.dll!WSASocketW 762634EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[3548] WS2_32.dll!WSASocketA 76268FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3564] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3580] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] SHELL32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] SHELL32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] SHELL32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] SHELL32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3592] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3884] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!LdrLoadDll 778179B3 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!LdrUnloadDll 7782E5AC 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!LdrGetProcedureAddress 77834C19 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtAllocateVirtualMemory 778479D8 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtClose 77847BB8 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtCreateFile 77847C78 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtCreateProcess 77847D38 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtCreateProcessEx 77847D48 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtDeleteFile 77848058 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtFreeVirtualMemory 778481E8 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtLoadDriver 77848308 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtOpenFile 77848458 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtProtectVirtualMemory 778485D8 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtSetInformationProcess 77848BC8 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtUnloadDriver 77848E18 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!NtWriteVirtualMemory 77848F18 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ntdll.dll!RtlAllocateHeap 778556E6 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CreateProcessW 77511C01 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CreateProcessA 77511C36 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!VirtualProtect 77511DD1 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!MoveFileA 775124CD 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!OpenFile 77513569 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!MoveFileWithProgressA 77515883 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CopyFileW 77516FAD 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!MoveFileW 7751A672 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CopyFileExW 7751BFA1 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!DeleteFileW 7752C680 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!DeleteFileA 7752C79C 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!MoveFileWithProgressW 77531104 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!MoveFileExW 77531128 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!LoadLibraryExW 7753374A 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!LoadLibraryW 7753382D 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!LoadLibraryExA 77539649 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!LoadLibraryA 77539671 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!GetProcAddress 7755BAC6 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!GetModuleHandleW 7755BB2E 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!GetModuleHandleA 7755BD5D 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CreateFileW 7755CE4E 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CreateFileA 7755D171 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!MoveFileExA 77560B26 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CopyFileA 77562187 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!CopyFileExA 775A1291 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!WinExec 775A580B 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] kernel32.dll!LoadModule 775A5963 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] USER32.dll!EndTask 7649ACCF 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ADVAPI32.dll!OpenServiceA 772AA383 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ADVAPI32.dll!CreateProcessAsUserW 772AA8F5 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ADVAPI32.dll!OpenServiceW 772AFFC3 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ADVAPI32.dll!CreateServiceW 772D38FF 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ADVAPI32.dll!CreateProcessAsUserA 772F48A6 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ADVAPI32.dll!CreateServiceA 77316C71 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] shell32.dll!ShellExecuteW 765BA2C5 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] shell32.dll!ShellExecuteExW 7660FFBD 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] shell32.dll!ShellExecuteEx 767B8C3A 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] shell32.dll!ShellExecuteA 767B8CD5 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ole32.dll!CoGetClassObject 75ED6178 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Kamila\Desktop\xst5i28k.exe[4148] ole32.dll!CoCreateInstanceEx 75EEE31B 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [806916D6] \SystemRoot\System32\Drivers\spwb.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [80691042] \SystemRoot\System32\Drivers\spwb.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [80691800] \SystemRoot\System32\Drivers\spwb.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [806910C0] \SystemRoot\System32\Drivers\spwb.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8069113E] \SystemRoot\System32\Drivers\spwb.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [806A0E9C] \SystemRoot\System32\Drivers\spwb.sys ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [744E8864] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74529855] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [744EB984] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [744DFB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [744E7A29] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [744DEA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [7451B12D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [744EBC4A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [744E0756] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [744E06BD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [744D71B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7456D9E0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74507329] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [744DE109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [744D697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [744D69A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [744E2475] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [006A2300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [006A1B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [006A2690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Windows\Explorer.EXE[2732] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [006A1290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Internet Explorer\iexplore.exe[3220] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [04332300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Internet Explorer\iexplore.exe[3220] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [04331B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Internet Explorer\iexplore.exe[3220] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [04332690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Internet Explorer\iexplore.exe[3220] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [04331290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Skype\Phone\Skype.exe[3436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [03EE2300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Skype\Phone\Skype.exe[3436] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [03EE1B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Skype\Phone\Skype.exe[3436] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!GetProcAddress] [03EE2690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) IAT C:\Program Files\Skype\Phone\Skype.exe[3436] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!LoadLibraryA] [03EE1290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 84E0D1F8 Device \FileSystem\fastfat \FatCdrom 867B41F8 AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Dynamiczna struktura WDF/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Dynamiczna struktura WDF/Microsoft Corporation) Device \Driver\volmgr \Device\VolMgrControl 84E091F8 Device \Driver\usbuhci \Device\USBPDO-0 85DED1F8 Device \Driver\usbuhci \Device\USBPDO-1 85DED1F8 Device \Driver\usbehci \Device\USBPDO-2 85E751F8 Device \Driver\usbuhci \Device\USBPDO-3 85DED1F8 Device \Driver\usbuhci \Device\USBPDO-4 85DED1F8 Device \Driver\usbuhci \Device\USBPDO-5 85DED1F8 Device \Driver\netbt \Device\NetBT_Tcpip_{FACD8CE0-4493-4DFA-A802-516BD6A0E7A5} 866B71F8 Device \Driver\usbehci \Device\USBPDO-6 85E751F8 Device \Driver\volmgr \Device\HarddiskVolume1 84E091F8 Device \Driver\volmgr \Device\HarddiskVolume2 84E091F8 Device \Driver\cdrom \Device\CdRom0 85E4C1F8 Device \Driver\volmgr \Device\HarddiskVolume3 84E091F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 84E0C1F8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-3 84E0C1F8 Device \Driver\atapi \Device\Ide\IdePort0 84E0C1F8 Device \Driver\atapi \Device\Ide\IdePort1 84E0C1F8 Device \Driver\atapi \Device\Ide\IdePort2 84E0C1F8 Device \Driver\atapi \Device\Ide\IdePort3 84E0C1F8 Device \Driver\netbt \Device\NetBt_Wins_Export 866B71F8 Device \Driver\Smb \Device\NetbiosSmb 867571F8 Device \Driver\iScsiPrt \Device\RaidPort0 85E481F8 Device \Driver\usbuhci \Device\USBFDO-0 85DED1F8 Device \Driver\usbuhci \Device\USBFDO-1 85DED1F8 Device \Driver\usbehci \Device\USBFDO-2 85E751F8 Device \Driver\usbuhci \Device\USBFDO-3 85DED1F8 Device \Driver\usbuhci \Device\USBFDO-4 85DED1F8 Device \Driver\usbuhci \Device\USBFDO-5 85DED1F8 Device \Driver\netbt \Device\NetBT_Tcpip_{0B8FE43C-9061-4D0A-BF0F-88A5BD8BE88B} 866B71F8 Device \Driver\usbehci \Device\USBFDO-6 85E751F8 Device \FileSystem\fastfat \Fat 867B41F8 AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs 8756A500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x44 0x17 0x0B 0x0C ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x44 0x17 0x0B 0x0C ... ---- Files - GMER 1.0.15 ---- File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp 0 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\baseupd 0 bytes ---- EOF - GMER 1.0.15 ----