GMER 1.0.15.15572 - http://www.gmer.net Rootkit scan 2011-04-30 12:07:26 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 MAXTOR_STM3500630AS rev.3.AAE Running: gz7rik2t.exe; Driver: C:\Users\Wosio\AppData\Local\Temp\ugloqpod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8D80DC14] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8D80F1C4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8D80DE00] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8D80CF40] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8D80D87A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8D80CE1C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8D80D626] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8D80EE54] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8D80C808] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8D80E864] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8D80D208] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8D80DA56] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8D80D4AC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8D80E2FC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8D80E5B0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8D80EB5C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8D80D172] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8D80D398] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8D80CC1E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8D80CA0C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8D80DF10] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 119 82AC689C 4 Bytes [14, DC, 80, 8D] .text ntkrnlpa.exe!KeSetEvent + 13D 82AC68C0 8 Bytes [C4, F1, 80, 8D, 00, DE, 80, ...] .text ntkrnlpa.exe!KeSetEvent + 1C1 82AC6944 4 Bytes [40, CF, 80, 8D] .text ntkrnlpa.exe!KeSetEvent + 1D9 82AC695C 4 Bytes [7A, D8, 80, 8D] .text ntkrnlpa.exe!KeSetEvent + 205 82AC6988 4 Bytes [1C, CE, 80, 8D] .text ... .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8C803000, 0x1E7580, 0xE8000020] .text C:\Windows\system32\DRIVERS\athsgt.sys section is writeable [0x9C6F0300, 0x21F20, 0xE8000020] .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9C719300, 0x3B6D8, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9C760300, 0x1BEE, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[200] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[580] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[660] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[672] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[680] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[828] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[972] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 0050ED30 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[972] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 005266C0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[980] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iPod\bin\iPodService.exe[1016] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1052] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1076] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1132] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] shell32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] shell32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] shell32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1168] shell32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1228] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1252] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[1348] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1372] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] shell32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] shell32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] shell32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1412] shell32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Ati2evxx.exe[1568] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1772] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1824] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1892] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[1972] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 0017A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 0016CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 0017CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 0017CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtClose 774F4164 5 Bytes JMP 0016CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 0017CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 0017CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 0017CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 0017CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 0017C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 0017CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 0017CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 0017C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 0017CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 0017CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 0017CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 0017C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 00177790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 00178320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 0017CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 0017CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 0017CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 0017CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 0017CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 0017CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 0017CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 0017CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 0017CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 0017CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 0017CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 0017CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 0017CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 0017CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 0017CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 0017CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 0017CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 0017CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 0017CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 0017CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 0017CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 0017CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 0017CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 0017CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 0017CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 0017C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 0017C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 0017C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 0017CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 0017E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 00176BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 001762C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 0017D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 0017D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 0017DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 0017DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 0017E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 0017E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 0017C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2212] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 0017C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Bonjour\mDNSResponder.exe[2304] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] WININET.dll!InternetConnectA 75DB5456 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] WININET.dll!InternetConnectW 75DB5AD2 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2.exe[2332] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2460] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2492] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2608] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2620] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] WININET.dll!InternetConnectA 75DB5456 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] WININET.dll!InternetConnectW 75DB5AD2 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\PSIA.exe[2700] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[2732] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] shell32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] shell32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] shell32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] shell32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Wosio\Downloads\gz7rik2t.exe[2808] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\sua.exe[2928] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] WININET.dll!InternetConnectA 75DB5456 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2944] WININET.dll!InternetConnectW 75DB5AD2 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2952] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\RtHDVCpl.exe[3188] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3196] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] WININET.DLL!InternetConnectA 75DB5456 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\iTunes\iTunesHelper.exe[3240] WININET.DLL!InternetConnectW 75DB5AD2 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3264] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3332] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] WININET.dll!InternetConnectA 75DB5456 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] WININET.dll!InternetConnectW 75DB5AD2 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3412] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] WININET.dll!InternetConnectA 75DB5456 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] WININET.dll!InternetConnectW 75DB5AD2 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[3420] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3428] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3436] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[3464] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Secunia\PSI\psi_tray.exe[3500] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3540] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3548] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\WUDFHost.exe[3572] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!KiUserExceptionDispatcher 774F5BF8 5 Bytes JMP 1002C750 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[3696] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[3736] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!LdrLoadDll 774B93A8 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!LdrUnloadDll 774CB740 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!LdrGetProcedureAddress 774D57A0 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtAllocateVirtualMemory 774F3F84 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtClose 774F4164 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtCreateFile 774F4224 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtCreateProcess 774F42E4 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtCreateProcessEx 774F42F4 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtDeleteFile 774F4604 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtFreeVirtualMemory 774F4794 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtLoadDriver 774F48B4 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtOpenFile 774F4A04 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtProtectVirtualMemory 774F4B84 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtSetInformationProcess 774F5174 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtUnloadDriver 774F53C4 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!NtWriteVirtualMemory 774F54C4 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ntdll.dll!RtlAllocateHeap 774F63B0 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CreateProcessW 77041BF3 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CreateProcessA 77041C28 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!VirtualProtect 77041DC3 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!OpenFile 7704355A 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!MoveFileW 7704A2F2 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CopyFileExW 77050211 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CopyFileW 77050299 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!DeleteFileW 7705F4B6 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!DeleteFileA 7705F5D2 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!MoveFileWithProgressW 770610A4 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!MoveFileExW 770610C8 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!LoadLibraryExW 77069109 7 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!LoadLibraryW 77069362 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!LoadLibraryExA 770694B4 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!LoadLibraryA 770694DC 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!GetProcAddress 7708903B 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!GetModuleHandleA 770892A5 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!GetModuleHandleW 7708A804 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CreateFileW 7708AECB 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CreateFileA 7708CE5F 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!MoveFileExA 77090F0A 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!MoveFileWithProgressA 77090F2A 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CopyFileA 77092433 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!MoveFileA 770CF641 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!CopyFileExA 770D19F9 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!WinExec 770D5CF7 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] kernel32.dll!LoadModule 770D5E4F 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] USER32.dll!EndTask 76C8AD32 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ADVAPI32.dll!CreateProcessAsUserA 76F7CEB9 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ADVAPI32.dll!CreateProcessAsUserW 76F91EE9 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ADVAPI32.dll!OpenServiceA 76F92EBD 7 Bytes JMP 1002D590 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ADVAPI32.dll!OpenServiceW 76F98354 7 Bytes JMP 1002D830 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ADVAPI32.dll!CreateServiceW 76FB9EB4 7 Bytes JMP 1002DAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ADVAPI32.dll!CreateServiceA 76FF72A1 7 Bytes JMP 1002DD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ole32.dll!CoGetClassObject 76ADFAE8 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] ole32.dll!CoCreateInstanceEx 76AF9F81 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] SHELL32.dll!ShellExecuteEx 7618A292 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] SHELL32.dll!ShellExecuteA 7618A32D 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] WS2_32.dll!WSASocketW 76CE34EB 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe[4016] WS2_32.dll!WSASocketA 76CE8FA9 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [743F7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7444A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [743FBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [743EF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [743F75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [743EE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74428395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [743FDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [743EFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [743EFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [743E71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7447CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7441C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [743ED968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [743E6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [743E687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2944] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [743F2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{AFCD3C5A-CA3D-46BB-935D-659AAFDC2546}\Linkage@Bind ????????????????????????????????????*6to4mp?????? ?????????????????????#????????????????????? ?????????????????????#?????????????????????????????????????2??C9???????????{??a5??*6to4mp?11??? ?????????????????????#????????????????????? ?????????????????????#?????????????????????????????????????????????????????D??ud??????I ??? ?????????????????????#????????????&???????????????????????Line in at rear panel (black)???????????????????? ?????????????????????#????????????????????????????? ?????????????????????#????????z?????????????????????????????????????z??????o??????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.0.6002.18005:*6to4mp?(P?SysClass.dll,ComputerClassInstaller??????????????4???e??tunnel?50}??? *?????????????????Karta Microsoft 6to4?4???????????????????????????????????????(??? ?????????????????????#?????????????????????????????????????????????????????????????(N?????? ?????????????????????#????????*???????????Karta Microsoft 6to4?S??@nettun.inf,%6to4mp.displayname%;Karta Microsoft 6to4?????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{AFCD3C5A-CA3D-46BB-935D-659AAFDC2546}\Linkage@Export ???S???????????????S????????????? ???????R???????????????????????????????e?????S???R????? P??S??????????????{BA407977-A498-4A9B-9C82-0B5B4808C210}????????*??S????????d?????TCPIP6TUNNEL?Tcpip6???????`??S??????????\Device\{BA407977-A498-4A9B-9C82-0B5B4808C210}??????????$???4????? ??????? ????t?????????? ????????????????????????????????????????? ???????????$???4????? ??????? ????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????(????????????????????????????????????????????????????????????????????????????????????????????????&????@??$???S????????????????????????@??$???R????????????????????????@??$???S???????????????????????? ??????????????? ??????????S???E???S??????????????????$???4????? ??????? ????t?????????? ????????????????????????????????????????? ???????tunnel?.0.(??????S???d???&????????X??????.???t??????$???4????? ??????? ????t?????????? ????????????????????????????????????????? ?????@??$???R????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Linkage@Bind ???S?@(??????e??????????????STORAGE\VolumeSnapshot??95@??e?e?e?e?e?e?e?e?e?e?e?e?e???h?????e??8??????e??????s????e?e?e???e?????2???2???%???%???2???2????ck??@nettun.inf,%6to4mp.displayname%;Karta Microsoft 6to4?(??????????F?????s1-(??????????B???????????e?e?e?e?e?e?e?e?e?e-0????z??e???3??15???????????e????X??e???????t`?{4d36e972-e325-11ce-bfc1-08002be10318}\0013???x???:??e???D?g?eX?@nettun.inf,%msft%;Microsoft?e???????R???R??{533c5b84-ec70-11d2-9505-00c04f79deaf}?F?F????`??e???B???????G??volsnap.inf?10???????e???m???e??tunnel?wal??6TO4 Adapter????? l??e???l?????02|????z??e???A??.d ???????????????????N??e???)?????2?2??{4d36e972-e325-11ce-bfc1-08002be10318}??????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.0.6002.18005:*6to4mp?i ???????????????P???*??e????????0?Karta Microsoft 6to4?A???e?e?????e?e?e??????? ???????e?????e???????#????????????????????? ???????e???????????L?#?????????????????????????e??????????Microsoft????????e???D???????a??? ???e???{?????839??6-21-2006????????????e???e??? ???????e?????e???????#??????? Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Linkage@Route ????????? ???????8?????g????????????????????????????????????Typ??????????i????????c??????????????????t???8??????????????????????????????l???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4949ABB7-8B6C-4B04-BEA4-79C9644E24C1}] SEQPACKET 115???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????l???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4949ABB7-8B6C-4B04-BEA4-79C9644E24C1}] DATAGRAM 115??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Linkage@Export ?????4???6???????6???4??b9???4?495???\????X??4???4????????N??4???9????DEC5??{4d36e972-e325-11ce-bfc1-08002be10318}?855???????4???1??sC??Net?ev??? ???4???{?????332??*6to4mp??A??? ?????????????3?????6????????$?N?*?????????{4d36e972-e325-11ce-bfc1-08002be10318}\0043?67???????????4????????????N??4??????????????{5D1B359A-45E0-4C46-A142-04E531823A9E}?5?????????????y???????????????C???????s?????4?????4??? ???????????????c???????????4??????????te???????????4???3??? ?????????????4???????"??????????D?&???????????????????????? ???????4?????????????"??????*?.??? ???????in???????????4??????????du??????*?????????????????.??4???w??k ??Po??czenie lokalne* 42???4???????4????????????????,Po??czenie lokalne* 42????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????6TO4 Adapter?????????????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage@Bind ???O?N???N??? ???????N?????N???????#????????????????????? ???????O???????????N?#?????????????????????O???N???????????P???P???O???????????????????????????? ??????????????????O?O?O??msv1_0????????????????????h??????N????????H???????????????(?? ??????????????g????O?O?O????????????????@??????????????? ???????????????(???????????????????p???????????????P??????????????????????? ?????????????????? ???????????????????????N??????????????s?????P??O????????????????X?kerberos?msv1_0?schannel?wdigest?tspkg????`????????????????e??8??O0??????O???????????????s0???????????????????????(?? ???????????????????????O????????`???????????????????????s???(?? ???O??????????s?????????????????????????????????????????0??????????????????????????P?P?O???? ??O????????X???????????????????0????????????????????????????O????1?????????????????????????0?????????????????????g?0?????????????????????e???? ???????????????????O?????????? ?W?&?????????????????????H?AMD HDMI Output??4 ???????????????x?? ???????????????????O??????????????&?????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage@Route ???i8}??@monitor.inf,%generic%;(Standardowe typy monitor?w)?d_??? ???????i?????i???????#????????????????????monitor\default_monitor?91?????i?????????i???E??B-???i?i?? ??????????0??8} ??????????????????i?i?i??Net??&???????????4??????????*6to4mp?? ??? ???????U?????i???????#????????????&????????????????????i??? ???????i?????i???????#???????????????????????i??0??h?h?h?h?h?h?h?h?h?h?????????????????????????????e??? ???????i???????????T?#????????????????????? ???????i?????i???????#????????????????????6.0.6001.18000?S?S?????i????{4d36e972-e325-11ce-bfc1-08002be10318}????P?Net???@??????????????? ??????i??????N?@?? ???i??????????????*6to4mp??3 ???X??i???????t@??????i???????? ?nettun.inf???E???i?iic ??????????5??1C@??????i???2??10 ?6to4mp.ndi???????i?i3A ???????????????8??????i??????????*6to4mp??????i?i?? ???????????????8??????i??????????Microsoft????i?i?i ??????????????? ?????????????T????i?iKa????N??i??????????8?X?{4d36e972-e325-11ce-bfc1-08002be10318}????@??????i???????3 ?Net??&???i?i?i@?? ???i??????????????*6to4mp Reg HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage@Export ?????G???H?H?T???????G??????????????? ???????H?????H???????#???????????????????????H?????H???????????????????H??????????6.0.6002.18005???????A?H??????:??H?????g????@nettun.inf,%msft%;Microsoft???????H???A?????H???????H??????????????*6to4mp?????? ???????A?????H???????#????????????????????? ???????H???????????A?#???????????????????????H?????????????5??-5???????H???}??DA??*6to4mp?????? ???????A?????H???????#????????????????????? ???????H???????????H?#???????????????????????H?????????????????????????????????????H?H????? ???????A?????H???????#????????????&??????????????????????????H???A????? ???????H?????H???????#???????????????????????H????? ???????H???????????A?#????????z??????????????H??????????????????????z??H??????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.0.6002.18005:*6to4mp?1????N??????7????D?kb???????????H???????????????H???????e??tunnel??????? *??H??????????????Karta Microsoft 6to4?????A?A?A?A?A?A?A?A?A?A?A?A?A?A?A?A?H?H????? ???????A?????H???????#???????????????????????A???A???H???A???A???H???A???H??\ Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS\Linkage@Bind ????????????????????????????????????*6to4mp?????? ???????R?????????????#????????????????????? ?????????????????????#????????????????????????????????????????????*6to4mp?????? ???????R?????????????#????????????????????? ?????????????????????#????????????????????????????????????? ??????????????????????????????? ???????R?????????????#????????????&??????????????????????????????R????? ?????????????????????#??????????????????????????????????????????????????????0???|??????c??????????????????????????????? ???????????????????R?#????????z????????????????????i??%\????z??????s??????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.0.6002.18005:*6to4mp?T???????????n???e??tunnel?\MS??? *??????t?????e.l??Karta Microsoft 6to4?w?????????????????????R?R??????????????? ??? ???????R?????????????#???????????????????????????????????R??????????????????P?????????????? ?????????????????????#????????*???????????? l??????????????s??@nettun.inf,%6to4mp.displayname%;Karta Microsoft 6to4??????????????R?????????????????P?????sDa??????cr??????RA??? ? Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS\Linkage@Route ???S?R???????(???????S??????????????*6to4mp?????? ???????R?????S???????#????????????????????? ???????S???????????R?#???????????????????????S?????????????????????????S??????????*6to4mp?????? ???????R?????S???????#????????????????????? ???????S???????????S?#???????????????????????S?????????????????????????????????????S?S????? ???????R?????S???????#????????????&????????????????????5?????S???R????? ???????S?????S???????#???????????????????????S????? ???????S???????????R?#????????z??????????????S??????????????????????z??S??????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.0.6002.18005:*6to4mp??????X??????F??????s???tunnel??????? *??S??????????????Karta Microsoft 6to4?????R?R?R?R?R?R?R?R?R?R?R?R?R?R?R`S?S?S????? ???????R?????S???????#???????????????????????R???S???S???R???R???S???R???S??AFD NetBIOS ??? ???????S???????????S?#????????*????????????R?R13??? l??S???E?????ET ??@nettun.inf,%6to4mp.displayname%;Karta Microsoft 6to4??????R???????R???S?S?????????????????s???????S???????????????S????????????? ???????R????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS\Linkage@Export ??????????????8?????????????????????????6}??Net?t????????????????????????????O???????????????????????????????????????????????e????????????????(???????????????t??? ??????????????d(???????????????????????????????N??????\????X?{A2FD3FB8-DA2D-41AD-ACE4-9BFE05C89FFB}?18} ?????????????????????????????????? ???????????????????????????????????????s??????????????????? ?????????????????????????????????????C????????????????????????????????????????HDx?? ??????????????????????????????N???????D; ???N????????D?????O???????????????????????????????????????????????????????? ???N????????D??P?Zezw?l na dost?p do p?tli zwrotnej???? ??????????????o???????????????????????????.??? ??????????????????????????????N???????????{F411E899-7864-42F6-9B9D-3979C3EA82EE}?&00 ??????????e??f5???????????-??a0??? ???????????????????????????????????????s??????????????????????N???? ?????????????????????????????????????Cud`??????? ?????????? ????0??????????-?CD7?????-B9??? ??????????????????????????????N??? ?????????????N???????????X?{4B9CC144-7BD7- Reg HKLM\SYSTEM\CurrentControlSet\Services\netbt\Linkage@Bind ???x??P??????x???????N0?6.0.6002.18005???????x???x???x?x?x???????????D???????????????????U???P@??????x???n??t? ?usb\composite? ??????????o???e8??????x???|??????Microsoft????x?xN? ??????????1???? ??????????P???P???x?x??p?USB\VID_046E&PID_52C0&REV_0110?USB\VID_046E&PID_52C0????USB\DevClass_00&SubClass_00&Prot_00?USB\DevClass_00&SubClass_00?USB\DevClass_00?USB\COMPOSITE????? ??????x???5???ex?6&3716b34d&0??X?{36fc9e60-c465-11cf-8056-444553540000}????H?USB??&8??x?x?x(????????????????s?5???????x???&??s????x(??????x???????????o????X??x???i???n??{36fc9e60-c465-11cf-8056-444553540000}\0011???0??????x???????????????x????r??x?????g??x?@usb.inf,%generic.mfg%;(Standardowy kontroler hosta USB)?a???x?x?x?x?x?x?x?x?x?x?x?x?5??\??\USB#VID_046E&PID_52C0#5&b365ee4&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed} ??????????&???? ??????x??????????????????????? ~??x??????????????@usb.inf,%usb\composite.devicedesc%;Urz?dzenie kompozytowe USB?Y?Y????N??x???e????Dhid??usb.inf:Generic.Section.NTx86:Composite.Dev:6.0.6002.18005:usb\composit Reg HKLM\SYSTEM\CurrentControlSet\Services\netbt\Linkage@Route ?????????(N?????????????????????????????{00000000-0000-0000-0000-000000000000}???e??????????????????5???? ??????????????????????????????????????????????????{17CCA71B-ECD7-11D0-B908-00A0C9223196}??????? ????????????????????????"???????5? ???????o2????????????????????????H??????F??????02???????????????????????????)V???????????????????????????0?????????????????????? ??????????????????????????????P?????????????s??????????????!??????????? ??????????????&???????????????????? ????????????????????????"???????3?????????????????????? ????????????????????????"???????4??????????????????????i????? ??????????????????????????????????????????11??????? ??????????????????????????????????????????????????????????????*\Software\Microsoft\Windows\CurrentVersion\Control Panel\D Reg HKLM\SYSTEM\CurrentControlSet\Services\Smb\Linkage@Bind ???x?????????x???S???h(?6.0.6002.18005???????x?xDe ??????????D??ve`???6??x???H??.D@?Urz?dzenie kompozytowe USB???????x?x?? ??????????i??os8??????x???n??????usb.inf?t????x?x25 ?????????????? @??????x??????? ?Composite.Dev????x?xwe ??????????????h0??????x???o???h??.NT?t????x?x?? ??????????.???.@??????x???a???? ?usb\composite????x?xCo ??????????n??rk8??????x???s??t???Microsoft????x?x?h ??????????????? ??????????????????x?x?x??? l??x???e?????rivp?USB\VID_046E&PID_52C0&REV_0110?USB\VID_046E&PID_52C0????? ???x???u???????u??USB\DevClass_00&SubClass_00&Prot_00?USB\DevClass_00&SubClass_00?USB\DevClass_00?USB\COMPOSITE????u??usbccgp?BS??6&38b7e62d&0??????N??x????????D?N?h?{36fc9e60-c465-11cf-8056-444553540000}???????x?x?x???x ??????x???????????????x???5??s????????????i??os ??????x??????.N0?Port_#0001.Hub_#0004????? l??x????????????p?USB\VID_046E&PID_52C0&REV_0110?USB\VID_046E&PID_52C0????USB?N????x(?? ???x????????????????N??x???5????D-bfX?{36fc9e60-c465-11cf-8056-444553540000}?sas8??????x???????e??usbccgp??????x???x? Reg HKLM\SYSTEM\CurrentControlSet\Services\Smb\Linkage@Route ????????? ???????????????????????????????????????e????????$??????-???????0??Root\*6TO4MP\0154???????????????????Di??\\?\HDAUDIO#FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1000#5&1A4FE40E&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\eSlavedSpeakerSpeakerTopo????????????(N?????????????????????????????{00000000-0000-0000-0000-000000000000}???e??????????????????5???? ??????????????????????????????????????????????????{17CCA71B-ECD7-11D0-B908-00A0C9223196}??????? ????????????????????????"???????5? ???????o2????????????????????????H??????F??????02???????????????????????????)V???????????????????????????0?????????????????????? ??????????????????????????????P?????????????s??????????????!??????????? ??????????????&???????????????????? ????????????????????????"???????3?????????????????????? ????????????????????????"???????4?????????????????&???????????????????? ??? ??????????????????????????????????&???????????????????? ??? ????????????????????????????????@?&???????????????????????? ????? Reg HKLM\SYSTEM\ControlSet003\Services\LanmanServer\Linkage@Export ??????`???X?? ???????????????????s????????????????????????x???????????????????????????????????????????p???????????X?? ????????????????????????????????????????????????????????????X?? ???????????????????s??????????(???????????%SystemRoot%\system32\srvsvc.dll??????????????????n????Microsoft IPv6 Protocol Driver??????? ??????????????s???????????????????????C0??? ???????????????????????????????????????e??????????????e???????????????????????C2??????{5??????????? ?????????????????????*???????????? ???????????? ??????? ??????????? ?????????????????????+??L????????? ???????????? ?????????????????????+????????????&????????????????????3??? ???????8?????D}-???????????C?????ell??????????? ?????????????????????+????????????&????????????????????3??? ???????s?????,-3???????????M??????????? ?????????????????????+????????????&????????????????????3??? ???????8?????D}-?????????????????e6E??? ???????8?????D}-??? ?????????????????????+????????????&????????????????????}??? ???????}?????AGR???????????E?????e83??? ?????????????????????+????????????&????????????????????3??? ???????8?????D}-?????????????????e????? ???????8?????D}-??????????????? ?????????????????????+????????????&????????????????????3???????????8?????e}-??? ?????????????????????+????????????&?????????? Reg HKLM\SYSTEM\ControlSet003\Services\Tcpip6\Linkage@Export ????C2??????{5??????????? ?????????????????????*???????????? ???????????? ??????? ??????????? ?????????????????????+??L????????? ???????????? ?????????????????????+????????????&????????????????????3??? ???????8?????D}-???????????C?????ell??????????? ?????????????????????+????????????&????????????????????3??? ???????s?????,-3???????????M??????????? ?????????????????????+????????????&????????????????????3??? ???????8?????D}-?????????????????e6E??? ???????8?????D}-??? ?????????????????????+????????????&????????????????????}??? ???????}?????AGR???????????E?????e83??? ?????????????????????+????????????&????????????????????3??? ???????8?????D}-?????????????????e????? ???????8?????D}-??????????????? ?????????????????????+????????????&????????????????????3???????????8?????e}-??? ?????????????????????+????????????&????????????????????e??? ?????????????????????????????????e????? ?????????????????????+????????????&????????????????????3??? ???????8?????D}-?????????????????e????? ???????8?????D}-?????????????????eSy????? ---- Files - GMER 1.0.15 ---- File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp 0 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\baseupd 0 bytes ---- EOF - GMER 1.0.15 ----