GMER 1.0.15.15565 - http://www.gmer.net Rootkit scan 2011-03-20 18:12:36 Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 Running: nz4p7519.exe; Driver: C:\Users\TUTU~1\AppData\Local\Temp\pxldipog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8F539C14] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8F53B1C4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8F539E00] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8F538F40] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8F53987A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8F538E1C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8F539626] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8F53AE54] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8F538808] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8F539F10] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8F53A864] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8F539208] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8F539A56] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8F5394AC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8F53A2FC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8F53A5B0] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8F53AB5C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8F539172] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8F539398] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8F538C1E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8F538A0C] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 82C93589 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CB8092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!RtlSidHashLookup + 220 82CBF830 4 Bytes [14, 9C, 53, 8F] .text ntkrnlpa.exe!RtlSidHashLookup + 248 82CBF858 8 Bytes [C4, B1, 53, 8F, 00, 9E, 53, ...] .text ntkrnlpa.exe!RtlSidHashLookup + 2DC 82CBF8EC 4 Bytes [40, 8F, 53, 8F] .text ntkrnlpa.exe!RtlSidHashLookup + 2F8 82CBF908 4 Bytes [7A, 98, 53, 8F] .text ntkrnlpa.exe!RtlSidHashLookup + 324 82CBF934 4 Bytes [1C, 8E, 53, 8F] .text ... .text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x90C29000, 0x2DEC6C, 0xE8000020] .text advapi32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 .text user32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 .text sechost.dll!CreateServiceA 76E3567C 7 Bytes JMP 1002DD80 .text sechost.dll!CreateServiceW 76E3589F 7 Bytes JMP 1002DAA0 .text sechost.dll!OpenServiceW 76E3714B 7 Bytes JMP 1002D830 .text sechost.dll!OpenServiceA 76E37245 7 Bytes JMP 1002D590 .text ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 .text ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 .text shell32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 .text shell32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 .text shell32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 .text shell32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 .text kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 .text kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 .text kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 .text kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 .text kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 .text kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 .text kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 .text kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 .text kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 .text kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 .text kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 .text kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 .text kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 .text kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 .text kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 .text kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 .text kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 .text kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 .text kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 .text kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 .text kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 .text kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 .text kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 .text kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 .text kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 .text kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 .text kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 .text kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[344] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[496] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\services.exe[604] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[604] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[616] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[624] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe[732] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[736] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[816] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchFilterHost.exe[828] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[856] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 0050ED30 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[856] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 005266C0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[972] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atiesrxx.exe[1044] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1080] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[1096] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1128] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1160] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1280] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 0066CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtClose 779B4770 5 Bytes JMP 0065CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 0066CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 0066CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 0066CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 0066CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 0066C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 0066CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 0066CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 0066C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 0066CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 0066CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 0066CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 0066C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 0065CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 0066CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 0066A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 00667790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 00668320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 0066CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 006662C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 0066CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 0066CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 0066CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 0066CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 0066CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 0066CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 0066CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 0066CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 0066CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 0066CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 0066CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 0066CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 0066CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 0066CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 0066CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 0066CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 0066CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 0066CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 0066CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 0066CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 0066CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 0066CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 0066CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 0066CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 0066E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 0066C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 0066C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 0066C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 0066CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 00666BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 0066E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1424] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 0066E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!KiUserExceptionDispatcher 779B6298 5 Bytes JMP 1002C750 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[1584] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\atieclxx.exe[1600] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1684] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1768] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[1896] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 0039CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtClose 779B4770 5 Bytes JMP 0038CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 0039CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 0039CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 0039CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 0039CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 0039C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 0039CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 0039CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 0039C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 0039CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 0039CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 0039CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 0039C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 0038CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 0039CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 0039A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 00397790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 00398320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 0039CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 003962C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 0039CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 0039CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 0039CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 0039CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 0039CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 0039CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 0039CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 0039CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 0039CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 0039CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 0039CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 0039CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 0039CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 0039CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 0039CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 0039CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 0039CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 0039CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 0039CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 0039CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 0039CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 0039CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 0039CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 0039CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 00396BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 0039E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 0039E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 0039E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 0039C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 0039C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 0039C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[1980] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 0039CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2000] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 0026CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtClose 779B4770 5 Bytes JMP 0025CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 0026CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 0026CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 0026CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 0026CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 0026C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 0026CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 0026CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 0026C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 0026CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 0026CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 0026CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 0026C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 0025CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 0026CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 0026A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 00267790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 00268320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 0026CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 002662C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 0026CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 0026CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 0026CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 0026CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 0026CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 0026CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 0026CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 0026CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 0026CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 0026CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 0026CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 0026CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 0026CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 0026CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 0026CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 0026CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 0026CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 0026CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 0026CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 0026CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 0026CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 0026CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 0026CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 0026E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 00266BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 0026E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 0026E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 0026C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 0026C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 0026C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 0026CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[2112] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2160] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[2464] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[2524] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxext.exe[2576] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] USER32.dll!TrackPopupMenu 76EE4B3B 5 Bytes JMP 5D6D6373 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2612] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2720] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\alg.exe[2788] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2888] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[2940] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\uTorrent\uTorrent.exe[2968] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] KERNEL32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] shell32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] shell32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] shell32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] shell32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[3144] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3224] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] KERNEL32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] shell32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] shell32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] shell32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] shell32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3256] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[3408] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 00744760 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 0118CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtClose 779B4770 5 Bytes JMP 0117CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 0118CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 0118CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 0118CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 0118CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 0118C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 0118CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 0118CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 0118C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 0118CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 0118CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 0118CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 0118C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 0117CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 0118CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 0118A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 01187790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 01188320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 0118CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 011862C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 0118CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 0118CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 0118CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 0118CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 0118CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 0118CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 0118CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 0118CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 0118CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 0118CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 0118CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 0118CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 0118CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 0118CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 0118CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 0118CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 0118CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 0118CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 0118CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 0118CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 0118CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 0118CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 0118CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 0118CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 0118E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 0118C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 0118C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 0118C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 0118CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 01186BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 0118E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3416] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 0118E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3468] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 0054CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtClose 779B4770 5 Bytes JMP 0053CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 0054CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 0054CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 0054CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 0054CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 0054C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 0054CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 0054CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 0054C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 0054CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 0054CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 0054CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 0054C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 0053CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 0054CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 0054A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 00547790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 00548320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 0054CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 005462C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 0054CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 0054CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 0054CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 0054CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 0054CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 0054CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 0054CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 0054CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 0054CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 0054CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 0054CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 0054CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 0054CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 0054CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 0054CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 0054CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 0054CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 0054CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 0054CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 0054CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 0054CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 0054CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 0054CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 0054CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 0054E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 00546BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 0054E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 0054E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 0054C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 0054C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 0054C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Launch Manager\LManager.exe[3476] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 0054CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[3496] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3548] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\PLFSetI.exe[3584] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\unsecapp.exe[3656] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3720] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3736] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 0059CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtClose 779B4770 5 Bytes JMP 0058CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 0059CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 0059CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 0059CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 0059CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 0059C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 0059CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 0059CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 0059C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 0059CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 0059CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 0059CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 0059C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 0058CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 0059CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 0059A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 00597790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 00598320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 0059CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 005962C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 0059CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 0059CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 0059CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 0059CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 0059CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 0059CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 0059CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 0059CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 0059CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 0059CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 0059CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 0059CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 0059CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 0059CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 0059CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 0059CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 0059CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 0059CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 0059CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 0059CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 0059CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 0059CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 0059CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 0059CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 00596BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 0059E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 0059E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 0059E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 0059C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 0059C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 0059C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 0059C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 0059C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3768] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 0059CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[3864] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[3872] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[4028] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\AUDIODG.EXE[4216] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] WININET.dll!InternetConnectW 777C0452 5 Bytes JMP 1002C960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] WININET.dll!InternetConnectA 777C050F 5 Bytes JMP 1002C980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] SHELL32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] SHELL32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] SHELL32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] SHELL32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\K2T\WTW\wtw.exe[4968] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[5136] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] WS2_32.dll!WSASocketW 76043D1B 7 Bytes JMP 1002C920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskhost.exe[5144] WS2_32.dll!WSASocketA 7604B7FC 5 Bytes JMP 1002C940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtAllocateVirtualMemory 779B4580 5 Bytes JMP 1002CE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtClose 779B4770 5 Bytes JMP 1001CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtCreateFile 779B4870 5 Bytes JMP 1002CDC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtCreateProcess 779B4940 5 Bytes JMP 1002CE80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtCreateProcessEx 779B4950 5 Bytes JMP 1002CE60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtDeleteFile 779B4AB0 5 Bytes JMP 1002CE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtFreeVirtualMemory 779B4C80 5 Bytes JMP 1002C490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtLoadDriver 779B4E00 5 Bytes JMP 1002CDE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtOpenFile 779B4F80 5 Bytes JMP 1002CDA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtProtectVirtualMemory 779B51C0 5 Bytes JMP 1002C440 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtSetInformationProcess 779B5920 5 Bytes JMP 1002CD60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtUnloadDriver 779B5C00 1 Byte [E9] .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtUnloadDriver 779B5C00 5 Bytes JMP 1002CD80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!NtWriteVirtualMemory 779B5D40 5 Bytes JMP 1002CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!RtlAllocateHeap 779C20B5 5 Bytes JMP 1002C4E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!LdrUnloadDll 779CBEAF 7 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!LdrGetProcedureAddress 779CEE57 5 Bytes JMP 1002CD40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ntdll.dll!LdrLoadDll 779CF5B5 5 Bytes JMP 1002A630 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CreateProcessW 75E1202D 5 Bytes JMP 10027790 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CreateProcessA 75E12062 5 Bytes JMP 10028320 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!OpenFile 75E4410F 5 Bytes JMP 1002CCA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CreateProcessAsUserW 75E479B4 5 Bytes JMP 100262C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CopyFileW 75E48C8F 5 Bytes JMP 1002CC20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!MoveFileW 75E4A173 5 Bytes JMP 1002CBA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CopyFileExW 75E507BB 7 Bytes JMP 1002CBE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!VirtualProtect 75E550AB 5 Bytes JMP 1002CA20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!DeleteFileW 75E5656B 5 Bytes JMP 1002CAE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!DeleteFileA 75E58BB6 5 Bytes JMP 1002CB00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!LoadLibraryExW 75E5B6BF 5 Bytes JMP 1002CCC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!LoadLibraryExA 75E5BC8B 5 Bytes JMP 1002CCE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!MoveFileWithProgressW 75E5BF04 5 Bytes JMP 1002CB20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!MoveFileExW 75E5BF28 5 Bytes JMP 1002CB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CreateFileW 75E60B7D 5 Bytes JMP 1002CC60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!GetProcAddress 75E61857 5 Bytes JMP 1002CD20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!GetModuleHandleW 75E619C1 5 Bytes JMP 1002CAA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!LoadLibraryA 75E62884 5 Bytes JMP 1002CA80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!LoadLibraryW 75E628D2 5 Bytes JMP 1002CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!GetModuleHandleA 75E628F7 5 Bytes JMP 1002CAC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CreateFileA 75E6291C 5 Bytes JMP 1002CC80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!MoveFileExA 75E73013 5 Bytes JMP 1002CB80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!MoveFileWithProgressA 75E73033 5 Bytes JMP 1002CB40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CopyFileA 75E77D1C 5 Bytes JMP 1002CC40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!MoveFileA 75E9AD89 5 Bytes JMP 1002CBC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!CopyFileExA 75E9BBE1 5 Bytes JMP 1002CC00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!WinExec 75E9E76D 5 Bytes JMP 1002CA40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] kernel32.dll!LoadModule 75E9EC86 5 Bytes JMP 1002CD00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] USER32.dll!EndTask 76EFFD8E 5 Bytes JMP 1002E3C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ADVAPI32.dll!CreateProcessAsUserA 777314FD 5 Bytes JMP 10026BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] shell32.dll!ShellExecuteW 76094250 5 Bytes JMP 1002C9E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] shell32.dll!ShellExecuteExW 760A1BCC 5 Bytes JMP 1002C9A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] shell32.dll!ShellExecuteEx 762C9B12 5 Bytes JMP 1002C9C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] shell32.dll!ShellExecuteA 762C9BAD 5 Bytes JMP 1002CA00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ole32.dll!CoGetClassObject 76D0A394 5 Bytes JMP 1002E600 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Tutuœ\Downloads\nz4p7519.exe[5956] ole32.dll!CoCreateInstanceEx 76D2594F 5 Bytes JMP 1002E840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [759C5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodnoœci aplikacji/Microsoft Corporation) IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [759C5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodnoœci aplikacji/Microsoft Corporation) IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [759C5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodnoœci aplikacji/Microsoft Corporation) IAT C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [759C5E25] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodnoœci aplikacji/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu j¹dra/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu j¹dra/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) Device \Driver\ACPI_HAL \Device\00000057 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Mened¿er filtrów systemu plików firmy Microsoft/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00242cc67895 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00242cc67895 (not active ControlSet) ---- Files - GMER 1.0.15 ---- File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp 0 bytes File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\baseupd 0 bytes ---- EOF - GMER 1.0.15 ----