GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-11-24 15:22:39 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD252HJ rev.1AC01113 Running: tj45j6jb.exe; Driver: C:\DOCUME~1\PAWE~1\USTAWI~1\Temp\pxtdapow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xB2B7A7E4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xB2B79D90] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xB2B7A44A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateKey [0xB2B7B040] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xB2B7CC20] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xB2B7CF9E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0xB2B7977C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteKey [0xB2B7A9D0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteValueKey [0xB2B7ABE8] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0xB2B79582] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateKey [0xB2B7B82A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateValueKey [0xB2B7BA80] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xB2B7C652] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xB2B7A058] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xB2B7A626] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenKey [0xB2B7B030] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenProcess [0xB2B791B0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xB2B7A2F2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenThread [0xB2B793B4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryKey [0xB2B7BC8E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryMultipleValueKey [0xB2B7C0E2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryValueKey [0xB2B7BEA0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xB2B7B5B2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xB2B7AE54] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xB2B7C93E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetValueKey [0xB2B7B30A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xB2B79FC2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xB2B7A1DE] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0xB2B79B92] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xB2B79980] ---- Kernel code sections - GMER 1.0.15 ---- .text ntoskrnl.exe!ZwYieldExecution + 17A 804E49D4 4 Bytes [E8, AB, B7, B2] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00780630 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[196] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\TrueCrypt\TrueCrypt.exe[224] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[232] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\ctfmon.exe[264] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[392] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[416] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[488] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\csrss.exe[568] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 10001450 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\csrss.exe[568] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 100017F0 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F870 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\services.exe[644] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\lsass.exe[656] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[824] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F870 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[840] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F870 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[900] rpcss.dll!WhichService 76A64234 8 Bytes JMP EDF01001 .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[932] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00534850 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[932] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 0054ECA0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F870 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1076] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\spoolsv.exe[1192] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1260] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1292] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1336] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1348] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\System32\svchost.exe[1380] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\system32\Ati2evxx.exe[1852] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\Explorer.EXE[1928] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2028] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\SOUNDMAN.EXE[2044] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2052] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2096] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001D120 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BCD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B9B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027F40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D240 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10025070 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025C00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028AE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023BA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Documents and Settings\Pawe許Pulpit\tj45j6jb.exe[2380] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 100244D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F742A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F742A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F742A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F742A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F742A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F742A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F742A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F742A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F742A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F742A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F742A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F742A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F742A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F742A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F742A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F742A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F742A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F742A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F742A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F742A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F742A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F742A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F742A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0065EAD0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [0065EB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [0065EB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] [0065EB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!DeleteObject] [0065D890] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [0065EB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0065EA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0065EAD0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [0065DC90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [0065DD20] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [0065D830] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassA] [0065E1C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassW] [0065E280] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SystemParametersInfoW] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [0065DB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [0065DBF0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSystemMetrics] [0065E340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!DeleteObject] [0065D890] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] [0065EB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0065EAD0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0065EA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [0065E600] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [0065DC90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSystemMetrics] [0065E340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [0065D830] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [0065DD20] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!RegisterClassW] [0065E280] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [0065D8E0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!FillRect] [0065E740] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawFrameControl] [0065E810] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawEdge] [0065E7C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetScrollInfo] [0065DAE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [0065DB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetScrollInfo] [0065D9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [GDI32.dll!DeleteObject] [0065D890] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0065EAD0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0065EA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SystemParametersInfoW] [0065E4C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSystemMetrics] [0065E340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSysColor] [0065D830] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW] [0065DB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!RegisterClassW] [0065E280] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] [0065DD20] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0065EA50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0065EA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\USERENV.dll [USER32.dll!GetSystemMetrics] [0065E340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0065EBE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0065EA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [0065EA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0065EAD0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [0065E130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] [0065EB50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[184] @ C:\WINDOWS\system32\CRYPT32.dll [USER32.dll!GetSystemMetrics] [0065E340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- EOF - GMER 1.0.15 ----