Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot open exe files


  • This topic is locked This topic is locked
18 replies to this topic

#1 nnb2011

nnb2011

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 22 July 2011 - 09:34 PM

Hi,

After logon to the computer, "Spyware Protection" tool is opened which tries to scan the computer and reports a infection but I had to close in the middle of the scan. This reports infection Email-Work.Brontok in directory c:\3a06..2588\amd64\filterpipelineprintproc.dll. I tried to install Avira, malwarebytes but no luck as there was no response once double click on these files. There will be no response when any file is double clicked. Please help me.

- nnb2011

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:14 PM

Posted 22 July 2011 - 10:09 PM

Can you try running these tools in Safe Made via hitting F8 after the BIOS Post screen.

#3 Morgankevinj

Morgankevinj

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:01:14 PM

Posted 22 July 2011 - 11:22 PM

Try using Rkill to allow the programs to install but do not reboot your computer untill after you run the scan with the tools. If a black box pops up momentarily the program has run successfully.
http://download.bleepingcomputer.com/grinler/rkill.com

#4 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 23 July 2011 - 07:11 AM

Can you try running these tools in Safe Made via hitting F8 after the BIOS Post screen.


Can you tell what are the tools I should run.

nnb

#5 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 23 July 2011 - 07:21 AM

Try using Rkill to allow the programs to install but do not reboot your computer untill after you run the scan with the tools. If a black box pops up momentarily the program has run successfully.
http://download.bleepingcomputer.com/grinler/rkill.com

With one user, once clicked on the file, nothing happens and popup at the bottom says "rkill.com can not start" malicious program detected.

Another user on the same system, A WinRAR self-extracting archive is opened and shows installation progress..


nnb

#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:14 PM

Posted 23 July 2011 - 11:38 AM

Hello,

And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.

Malwarebytes Anti-Malware

NOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.

      Scan with SUPERAntiSpyware as follows:[list]
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.[list]
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Instructions:

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#7 Morgankevinj

Morgankevinj

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:01:14 PM

Posted 23 July 2011 - 10:27 PM

nvermind

Edited by Morgankevinj, 23 July 2011 - 10:37 PM.


#8 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 25 July 2011 - 07:48 AM

Hi cryptodan,

Whenever system is selected for restart, on the windows menu out of the desktop - it stays with the message "Updates are being installed (2 of 2). Do not turn off or unplug your computer or turn off your computer"


It was there like that whole day, I had turn it off. Then continued with your suggested software installations and scanning process. All of them MBAM, Super, GMER scanning was done and their logs were captured. I have selected for restarted the system again am stuck with the following on Windows screen during logoff process.

"Updates are being installed (8 of 16). Do not turn off or unplug your computer or turn off your computer"

Please suggest me what should I do.

nnb

#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:14 PM

Posted 25 July 2011 - 11:47 AM

keep the updates installing, then upon reboot provide the logs.

#10 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 July 2011 - 08:02 AM

MBAM log:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7261

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

7/24/2011 10:52:54 AM
mbam-log-2011-07-24 (10-52-54).txt

Scan type: Full scan (C:\|)
Objects scanned: 298830
Time elapsed: 1 hour(s), 7 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 25

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D4BBE4C0-BD72-4A33-817C-2E7E16DE20BC} (Hacktool.KewlButtonz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{D18BBD1F-82BB-4385-BED3-E9D31A3E361E} (Hacktool.KewlButtonz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9DC243A5-EE33-4674-8563-89B48E779EB1} (Hacktool.KewlButtonz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\KewlButtonz.KewlButtons (Hacktool.KewlButtonz) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amsint32 (Virus.Sality) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\Shared\shared.dll (Trojan.BHO) -> Quarantined and deleted successfully.
c:\fnpv.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\recover\local settings\temp\winikcw.exe (Spyware.PWS) -> Delete on reboot.
c:\documents and settings\recover\local settings\temp\gnfj.exe (Backdoor.Agent) -> Delete on reboot.
c:\documents and settings\rescue\application data\defender.exe (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\rescue\Desktop\test.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\rescue\local settings\temporary internet files\Content.IE5\SI5ULBEX\setup[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\san\application data\defender.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\san\local settings\application data\Google\Chrome\application\chrome.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\san\local settings\temporary internet files\Content.IE5\O0OLL0PW\1p5iqjs[1] (Rogue.Installer) -> Quarantined and deleted successfully.
c:\program files\Dream\Yahaven!\ymsg12encrypt.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP300\A0173755.exe (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP300\A0173756.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP300\A0173866.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP301\A0173925.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP301\A0174193.exe (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP301\A0174194.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP301\A0174221.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8250d7f2-0786-401c-aed0-587e8d2fb0b1}\RP301\A0174237.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\fusionbuttons.ocx (Hacktool.KewlButtonz) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\kewlbuttonz.ocx (Hacktool.KewlButtonz) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\ymsg12encrypt.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\Desktop\advanced virus remover.lnk (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\start menu\advanced virus remover.lnk (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
c:\documents and settings\san\local settings\temp\msfat32 (Adware.DeepDive.MS) -> Quarantined and deleted successfully.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/24/2011 at 01:52 PM

Application Version : 4.55.1000

Core Rules Database Version : 7451
Trace Rules Database Version: 5263

Scan type : Complete Scan
Total Scan Time : 00:46:39

Memory items scanned : 572
Memory threats detected : 0
Registry items scanned : 7796
Registry threats detected : 15
File items scanned : 27500
File threats detected : 402

Adware.Tracking Cookie
C:\Documents and Settings\recover\Cookies\recover@msnportal.112.2o7[1].txt
C:\Documents and Settings\recover\Cookies\recover@dc.tremormedia[2].txt
C:\Documents and Settings\recover\Cookies\recover@ads.pointroll[1].txt
C:\Documents and Settings\recover\Cookies\recover@adserver.adtechus[1].txt
C:\Documents and Settings\recover\Cookies\recover@atdmt[2].txt
C:\Documents and Settings\recover\Cookies\recover@pointroll[1].txt
C:\Documents and Settings\recover\Cookies\recover@questionmarket[2].txt
C:\Documents and Settings\recover\Cookies\recover@content.yieldmanager[3].txt
C:\Documents and Settings\recover\Cookies\recover@doubleclick[2].txt
C:\Documents and Settings\recover\Cookies\recover@imrworldwide[2].txt
C:\Documents and Settings\recover\Cookies\recover@ads.quixsurf[2].txt
C:\Documents and Settings\recover\Cookies\recover@ads.mediaish[2].txt
C:\Documents and Settings\recover\Cookies\recover@search.321findit[1].txt
C:\Documents and Settings\recover\Cookies\recover@ads.mediaish[1].txt
C:\Documents and Settings\recover\Cookies\recover@educationcom.112.2o7[1].txt
C:\Documents and Settings\recover\Cookies\recover@revsci[1].txt
C:\Documents and Settings\recover\Cookies\recover@content.yieldmanager[2].txt
C:\Documents and Settings\recover\Cookies\recover@ad.wsod[2].txt
C:\Documents and Settings\recover\Cookies\recover@ad.yieldmanager[1].txt
secure-us.imrworldwide.com [ C:\Documents and Settings\recover\Application Data\Macromedia\Flash Player\#SharedObjects\6BKHE6JV ]
C:\Documents and Settings\rescue\Cookies\rescue@ad.yieldmanager[1].txt
C:\Documents and Settings\rescue\Cookies\rescue@adserving.localpages[2].txt
C:\Documents and Settings\rescue\Cookies\rescue@myroitracking[1].txt
C:\Documents and Settings\rescue\Cookies\rescue@ad.wsod[2].txt
247realmedia.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
a.ads1.msn.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
acvs.mediaonenetwork.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
adimages.scrippsnetworks.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
ads1.msn.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
advprotraffic.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
atdmt.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
bannerfarm.ace.advertising.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
c2.zedo.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
card.cricket.timesofindia.indiatimes.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
cdn.eyewonder.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
cdn4.specificclick.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
content.oddcast.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
convoad.technoratimedia.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
core.insightexpressai.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
crackle.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
ds.serving-sys.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
googleads.g.doubleclick.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
ia.media-imdb.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
imagec05.247realmedia.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
imagec17.247realmedia.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
indianpornvideos.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
interclick.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
m.uk.2mdn.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
m1.2mdn.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
media.resulthost.org [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
media.scanscout.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
media.tattomedia.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
media1.break.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
mediaplex.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
msntest.serving-sys.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
naiadsystems.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
objects.tremormedia.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
s0.2mdn.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
secure-us.imrworldwide.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
service.twistage.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
serving-sys.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
spe.atdmt.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
speed.pointroll.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
static.plymedia.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
timesofindia.indiatimes.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
tour.indiansexlounge.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
udn.specificclick.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
uk.2mdn.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
www.crackle.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
www.gobleepthat.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
www.oneclicktube.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
www.pornhub.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
www.traffic.com [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
yieldmanager.edgesuite.net [ C:\Documents and Settings\san\Application Data\Macromedia\Flash Player\#SharedObjects\PFRXKXPE ]
C:\Documents and Settings\san\Cookies\san@adxpose[1].txt
C:\Documents and Settings\san\Cookies\san@search.findxml[1].txt
C:\Documents and Settings\san\Cookies\san@adbrite[2].txt
C:\Documents and Settings\san\Cookies\san@ads.blogtalkradio[2].txt
C:\Documents and Settings\san\Cookies\san@ads.bluelithium[2].txt
C:\Documents and Settings\san\Cookies\san@trafficmp[1].txt
C:\Documents and Settings\san\Cookies\san@adecn[2].txt
C:\Documents and Settings\san\Cookies\san@www.etracker[1].txt
C:\Documents and Settings\san\Cookies\san@www.googleadservices[1].txt
C:\Documents and Settings\san\Cookies\san@adserver.adreactor[2].txt
C:\Documents and Settings\san\Cookies\san@search.clicksthis[1].txt
C:\Documents and Settings\san\Cookies\san@www.googleadservices[2].txt
C:\Documents and Settings\san\Cookies\san@www.googleadservices[4].txt
C:\Documents and Settings\san\Cookies\san@www.trackimizer[1].txt
C:\Documents and Settings\san\Cookies\san@ads.quixsurf[1].txt
C:\Documents and Settings\san\Cookies\san@ad.yieldmanager[1].txt
C:\Documents and Settings\san\Cookies\san@netspiderads2.indiatimes[2].txt
C:\Documents and Settings\san\Cookies\san@interclick[2].txt
C:\Documents and Settings\san\Cookies\san@netspiderads3.indiatimes[2].txt
C:\Documents and Settings\san\Cookies\san@ads.zeusclicks[1].txt
C:\Documents and Settings\san\Cookies\san@ads.mediaish[2].txt
C:\Documents and Settings\san\Cookies\san@ads.mediaish[1].txt
C:\Documents and Settings\san\Cookies\san@adinterax[2].txt
C:\Documents and Settings\san\Cookies\san@adcentriconline[2].txt
C:\Documents and Settings\san\Cookies\san@ads.roiserver[1].txt
C:\Documents and Settings\san\Cookies\san@ads.crakmedia[2].txt
C:\Documents and Settings\san\Cookies\san@ads.addynamix[1].txt
C:\Documents and Settings\san\Cookies\san@mediabrandsww[2].txt
C:\Documents and Settings\san\Cookies\san@adtech[1].txt
C:\Documents and Settings\san\Cookies\san@a.tribalfusion[1].txt
C:\Documents and Settings\san\Cookies\san@content.yieldmanager[1].txt
C:\Documents and Settings\san\Cookies\san@insightexpressai[1].txt
C:\Documents and Settings\san\Cookies\san@2o7[1].txt
C:\Documents and Settings\san\Cookies\san@ads.pointroll[1].txt
C:\Documents and Settings\san\Cookies\san@ads.react2media[2].txt
C:\Documents and Settings\san\Cookies\san@ads.indiatimes[1].txt
C:\Documents and Settings\san\Cookies\san@advertise[1].txt
C:\Documents and Settings\san\Cookies\san@search.clicksthe[1].txt
C:\Documents and Settings\san\Cookies\san@advertising[1].txt
C:\Documents and Settings\san\Cookies\san@247realmedia[1].txt
C:\Documents and Settings\san\Cookies\san@a1.interclick[1].txt
C:\Documents and Settings\san\Cookies\san@adserver.adtechus[1].txt
C:\Documents and Settings\san\Cookies\san@ad.wsod[2].txt
C:\Documents and Settings\san\Cookies\san@ads.undertone[1].txt
C:\Documents and Settings\san\Cookies\san@apmebf[2].txt
C:\Documents and Settings\san\Cookies\san@at.atwola[2].txt
C:\Documents and Settings\san\Cookies\san@atdmt[1].txt
C:\Documents and Settings\san\Cookies\san@banner.adchemy[2].txt
C:\Documents and Settings\san\Cookies\san@bs.serving-sys[1].txt
C:\Documents and Settings\san\Cookies\san@burstnet[2].txt
C:\Documents and Settings\san\Cookies\san@card.cricket.timesofindia.indiatimes[1].txt
C:\Documents and Settings\san\Cookies\san@casalemedia[2].txt
C:\Documents and Settings\san\Cookies\san@cdn1.trafficmp[1].txt
C:\Documents and Settings\san\Cookies\san@content.yieldmanager[3].txt
C:\Documents and Settings\san\Cookies\san@citi.bridgetrack[2].txt
C:\Documents and Settings\san\Cookies\san@clicks.fastgetonline[1].txt
C:\Documents and Settings\san\Cookies\san@clicksor[1].txt
C:\Documents and Settings\san\Cookies\san@collective-media[1].txt
C:\Documents and Settings\san\Cookies\san@dc.tremormedia[2].txt
C:\Documents and Settings\san\Cookies\san@dmtracker[1].txt
C:\Documents and Settings\san\Cookies\san@doubleclick[2].txt
C:\Documents and Settings\san\Cookies\san@edgeadx[1].txt
C:\Documents and Settings\san\Cookies\san@enhance[2].txt
C:\Documents and Settings\san\Cookies\san@fastclick[2].txt
C:\Documents and Settings\san\Cookies\san@findology[1].txt
C:\Documents and Settings\san\Cookies\san@findsavvy.findsavvy.information-seeking[1].txt
C:\Documents and Settings\san\Cookies\san@homestore.122.2o7[1].txt
C:\Documents and Settings\san\Cookies\san@imrworldwide[2].txt
C:\Documents and Settings\san\Cookies\san@invitemedia[2].txt
C:\Documents and Settings\san\Cookies\san@kontera[2].txt
C:\Documents and Settings\san\Cookies\san@legolas-media[1].txt
C:\Documents and Settings\san\Cookies\san@lucidmedia[1].txt
C:\Documents and Settings\san\Cookies\san@media6degrees[1].txt
C:\Documents and Settings\san\Cookies\san@mediaplex[1].txt
C:\Documents and Settings\san\Cookies\san@microsoftwindows.112.2o7[1].txt
C:\Documents and Settings\san\Cookies\san@mm.chitika[2].txt
C:\Documents and Settings\san\Cookies\san@myroitracking[2].txt
C:\Documents and Settings\san\Cookies\san@pointroll[2].txt
C:\Documents and Settings\san\Cookies\san@pro-market[1].txt
C:\Documents and Settings\san\Cookies\san@richmedia.yahoo[1].txt
C:\Documents and Settings\san\Cookies\san@questionmarket[1].txt
C:\Documents and Settings\san\Cookies\san@realmedia[1].txt
C:\Documents and Settings\san\Cookies\san@revsci[1].txt
C:\Documents and Settings\san\Cookies\san@ru4[1].txt
C:\Documents and Settings\san\Cookies\san@search.clicksclick[1].txt
C:\Documents and Settings\san\Cookies\san@serving-sys[2].txt
C:\Documents and Settings\san\Cookies\san@tacoda.at.atwola[1].txt
C:\Documents and Settings\san\Cookies\san@specificclick[2].txt
C:\Documents and Settings\san\Cookies\san@specificmedia[1].txt
C:\Documents and Settings\san\Cookies\san@statcounter[1].txt
C:\Documents and Settings\san\Cookies\san@tracking.realtor[1].txt
C:\Documents and Settings\san\Cookies\san@timesofindia.indiatimes[2].txt
C:\Documents and Settings\san\Cookies\san@tribalfusion[1].txt
C:\Documents and Settings\san\Cookies\san@user.lucidmedia[1].txt
C:\Documents and Settings\san\Cookies\san@www.burstnet[1].txt
C:\Documents and Settings\san\Cookies\san@yieldmanager[2].txt
C:\Documents and Settings\san\Cookies\san@zedo[1].txt
.doubleclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.account.allvoi.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.account.allvoi.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.account.allvoi.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clickindia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clickindia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clickindia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.click.in [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.click.in [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tracking.keywordmax.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.click.in [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.hyderabad.click.in [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.hyderabad.click.in [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.hyderabad.click.in [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
sales.liveperson.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
sales.liveperson.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
sales.liveperson.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
sales.liveperson.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yatra.122.2o7.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificmedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
membership.findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
server.iad.liveperson.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
server.iad.liveperson.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.iacas.adbureau.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.dmtracker.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adrevolver.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cache.trafficmp.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cache.trafficmp.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
accounts.pkr.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.toplist.eu [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.toplist.sk [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.myroitracking.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clicksor.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clicksor.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
primetrafficsite.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
2289945979.finditquickads.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
2289945979.finditquickads.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
clickthrough.kanoodle.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
kronos.bravenet.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.burstnet.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.burstbeacon.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.burstbeacon.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bizrate.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bizrate.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bizrate.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bizrate.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bizrate.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bizrate.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.overture.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.overture.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.lucidmedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.gostats.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.gostats.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findarticles.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
counter.hitslink.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.chitika.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
server.iad.liveperson.net [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.qnsr.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.qnsr.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.qnsr.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.oasn04.247realmedia.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.nextag.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.nextag.com [ C:\Documents and Settings\san\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]

Disabled.SecurityCenterOption
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY

Malware.Sality
HKLM\SYSTEM\CurrentControlSet\Services\amsint32
HKLM\SYSTEM\CurrentControlSet\Services\amsint32#Type
HKLM\SYSTEM\CurrentControlSet\Services\amsint32#Start
HKLM\SYSTEM\CurrentControlSet\Services\amsint32#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\amsint32#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\amsint32#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\amsint32\Security
HKLM\SYSTEM\CurrentControlSet\Services\amsint32\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\amsint32\Enum
HKLM\SYSTEM\CurrentControlSet\Services\amsint32\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\amsint32\Enum#NextInstance
HKLM\SYSTEM\CurrentControlSet\Services\amsint32\Enum#INITSTARTFAILED

Trojan.Agent/Gen-CDesc[LordPE]
C:\FNPV.EXE

Trojan.Agent/Gen-Bot
C:\PROGRAM FILES\JZIP\UNWISE.EXE
C:\PROGRAM FILES\STYLEEASE\UNWISE.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP301\A0174749.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP301\A0174998.EXE

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176083.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176085.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176086.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176087.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176088.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176089.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176090.OCX
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176091.OCX
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8250D7F2-0786-401C-AED0-587E8D2FB0B1}\RP302\A0176092.DLL

#11 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 July 2011 - 10:34 AM

I am unable paste remaining logs for Super and GMER as they are too big in this detail box.

- nnb

#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:14 PM

Posted 26 July 2011 - 11:12 AM

Can you upload them to say http://www.rapidshare.com and then post a link to them?

#13 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 July 2011 - 05:37 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-07-25 08:33:53
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e ST980813AS rev.3.ADB
Running: bddy9jg1.exe; Driver: C:\DOCUME~1\recover\LOCALS~1\Temp\pwtdypod.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0xA7A19640]

---- Kernel code sections - GMER 1.0.15 ----

? C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS The system cannot find the file specified. !
? C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS The system cannot find the file specified. !
? C:\WINDOWS\system32\drivers\pppoor.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\inetinfo.exe[124] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] WININET.dll!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] WININET.dll!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\Explorer.EXE[264] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\spoolsv.exe[360] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\SCardSvr.exe[480] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ws2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lxdlcoms.exe[536] ws2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\dllhost.exe[748] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[852] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[964] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00B71950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 00B782B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 00B718D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00B71890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 00B719B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00B71910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00B71A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00B71970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 00B718F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00B71930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 00B719D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00B71990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00B718B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00B71A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00B74550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00B781E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 00B719F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00B71B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00B71D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00B71AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00B71AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00B71D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00B71A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00B71A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00B71A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00B71D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00B71CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00B71D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00B71B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00B71C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00B71C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00B71B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [35, 84]
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00B71BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00B71B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00B71B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00B71CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00B71CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00B71C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00B71BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00B71C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00B71C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00B71BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00B71D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00B71AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 00B71E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 00B71E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00B71480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00B71640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00B71000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00B71250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00B77E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00B77BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00B77D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00B71E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00B71DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00B71DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe[972] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 00B71DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[996] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] shell32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] shell32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] shell32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\DOIT\Phase1\Step3\bddy9jg1.exe[1012] shell32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

#14 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 July 2011 - 05:43 PM

.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe[1036] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1100] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[1216] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] SHELL32.DLL!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] SHELL32.DLL!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] SHELL32.DLL!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CRYPTOCard EUS\bin\eus.exe[1240] SHELL32.DLL!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe[1252] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00A61950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 00A682B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 00A618D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00A61890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 00A619B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00A61910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00A61A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00A61970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 00A618F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A61930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 00A619D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00A61990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00A618B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00A61A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00A64550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00A681E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 00A619F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00A61B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00A61D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00A61AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00A61AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00A61D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00A61A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00A61A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00A61A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00A61D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00A61CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00A61D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00A61B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00A61C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00A61C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00A61B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [24, 84] {AND AL, 0x84}
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00A61BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00A61B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00A61B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00A61CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00A61CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00A61C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00A61BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00A61C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00A61C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00A61BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00A61D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00A61AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 00A61E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 00A61E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00A61480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00A61640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00A61000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00A61250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00A67E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00A61E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00A61DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00A61DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 00A61DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00A67BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1272] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00A67D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\winlogon.exe[1356] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}

.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\services.exe[1400] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\lsass.exe[1412] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1580] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1668] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1708] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1772] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00B11950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 00B182B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 00B118D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00B11890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 00B119B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00B11910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00B11A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00B11970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 00B118F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00B11930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 00B119D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00B11990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00B118B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00B11A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00B14550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00B181E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 00B119F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00B11B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00B11D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00B11AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00B11AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00B11D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00B11A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00B11A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00B11A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00B11D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00B11CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00B11D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00B11B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00B11C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00B11C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00B11B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [2F, 84]
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00B11BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00B11B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00B11B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00B11CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00B11CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00B11C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00B11BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00B11C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00B11C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00B11BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00B11D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00B11AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 00B11E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 00B11E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00B11480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00B11640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00B11000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00B11250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00B17E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00B11E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00B11DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00B11DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 00B11DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00B17BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1808] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00B17D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] WININET.dll!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] WININET.dll!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdlserv.exe[1828] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1832] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Java\jre6\bin\jqs.exe[1876] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00D41950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 00D482B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 00D418D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00D41890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 00D419B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00D41910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00D41A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00D41970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 00D418F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00D41930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 00D419D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00D41990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D418B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00D41A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00D44550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00D481E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 00D419F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D41B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D41D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00D41AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D41AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D41D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D41A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D41A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00D41A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00D41D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00D41CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00D41D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00D41B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00D41C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00D41C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00D41B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [52, 84]
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00D41BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00D41B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00D41B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00D41CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00D41CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00D41C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00D41BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00D41C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00D41C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00D41BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00D41D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00D41AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 00D41E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 00D41E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00D41480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00D41640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00D41000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00D41250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00D47E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00D41E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00D41DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00D41DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 00D41DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00D47BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe[1908] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00D47D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[1960] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\svchost.exe[2016] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2208] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wuauclt.exe[2216] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00371950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 003782B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 003718D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00371890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 003719B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00371910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00371A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00371970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 003718F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00371930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 003719D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00371990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 003718B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00371A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00374550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003781E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 003719F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00371B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00371D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00371AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00371AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00371D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00371A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00371A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00371A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00371D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00371CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00371D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00371B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00371C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00371C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00371B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [B5, 83] {MOV CH, 0x83}
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00371BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00371B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00371B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00371CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00371CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00371C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00371BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00371C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00371C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00371BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00371D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00371AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00377E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00371480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00371640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00371000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00371250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00377BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00377D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00371E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00371DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00371DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] SHELL32.dll!ShellExecuteW 7CAB5D48 3 Bytes JMP 00371DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] SHELL32.dll!ShellExecuteW + 4 7CAB5D4C 1 Byte [83]
.text C:\WINDOWS\system32\hkcmd.exe[2288] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 00371E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] WS2_32.dll!WSASocketA 71AB8B6A 3 Bytes JMP 00371E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] WS2_32.dll!WSASocketA + 4 71AB8B6E 1 Byte [8E]
.text C:\WINDOWS\system32\hkcmd.exe[2288] WININET.DLL!InternetConnectA 3D94B0B2 5 Bytes JMP 00371E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\hkcmd.exe[2288] WININET.DLL!InternetConnectW 3D94C2A0 5 Bytes JMP 00371E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxpers.exe[2308] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] WININET.DLL!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apoint.exe[2328] WININET.DLL!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

#15 nnb2011

nnb2011
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 July 2011 - 05:45 PM

.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\inetsrv\DavCData.exe[2352] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00371950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 003782B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 003718D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00371890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 003719B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00371910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00371A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00371970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 003718F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00371930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 003719D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00371990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 003718B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00371A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00374550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003781E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 003719F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00371B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00371D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00371AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00371AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00371D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00371A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00371A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00371A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00371D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00371CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00371D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00371B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00371C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00371C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00371B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [B5, 83] {MOV CH, 0x83}
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00371BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00371B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00371B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00371CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00371CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00371C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00371BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00371C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00371C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00371BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00371D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00371AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00377E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00371480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00371640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00371000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00371250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00371E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00371DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00371DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] SHELL32.dll!ShellExecuteW 7CAB5D48 3 Bytes JMP 00371DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] SHELL32.dll!ShellExecuteW + 4 7CAB5D4C 1 Byte [83]
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00377BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[2356] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00377D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00D11950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 00D182B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 00D118D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00D11890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 00D119B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00D11910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00D11A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00D11970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 00D118F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00D11930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 00D119D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00D11990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D118B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00D11A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00D14550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00D181E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 00D119F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D11B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D11D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00D11AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D11AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D11D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D11A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D11A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00D11A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00D11D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00D11CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00D11D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00D11B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00D11C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00D11C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00D11B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [4F, 84]
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00D11BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00D11B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00D11B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00D11CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00D11CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00D11C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00D11BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00D11C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00D11C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00D11BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00D11D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00D11AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 00D11E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 00D11E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00D11480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00D11640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00D11000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00D11250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] USER32.dll!EndTask 7E45A0A5 3 Bytes JMP 00D17E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] USER32.dll!EndTask + 4 7E45A0A9 1 Byte [82]
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00D11E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00D11DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00D11DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 00D11DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00D17BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2376] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00D17D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\igfxsrvc.exe[2412] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00BF1950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 00BF82B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 00BF18D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00BF1890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 00BF19B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00BF1910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00BF1A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00BF1970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 00BF18F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00BF1930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 00BF19D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00BF1990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00BF18B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00BF1A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00BF4550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00BF81E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 00BF19F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00BF1B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00BF1D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00BF1AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00BF1AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00BF1D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00BF1A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00BF1A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00BF1A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00BF1D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00BF1CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00BF1D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00BF1B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00BF1C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00BF1C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 00BF1B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [3D, 84]
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00BF1BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00BF1B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00BF1B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00BF1CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00BF1CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00BF1C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00BF1BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00BF1C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00BF1C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00BF1BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00BF1D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00BF1AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 00BF1480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00BF1640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00BF1000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00BF1250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00BF7E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 00BF1E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 00BF1DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 00BF1DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 00BF1DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00BF7BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00BF7D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 00BF1E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2560] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 00BF1E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] WININET.dll!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2576] WININET.dll!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] WININET.dll!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] WININET.dll!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2584] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2672] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2680] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] WININET.dll!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2736] WININET.dll!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] WININET.dll!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[2848] WININET.dll!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] WININET.DLL!InternetConnectA 3D94B0B2 5 Bytes JMP 10001E30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2884] WININET.DLL!InternetConnectW 3D94C2A0 5 Bytes JMP 10001E50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\ctfmon.exe[2920] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\HidFind.exe[2968] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\DellTPad\Apntex.exe[3012] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3148] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3328] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 10001E90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 10001E70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3360] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 10001950 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 100082B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 100018D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 10001890 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 100019B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 10001910 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 10001A30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 10001970 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 100018F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 10001930 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 100019D0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 10001990 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 100018B0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 10001A10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10004550 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 100081E0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ntdll.dll!LdrGetProcedureAddress 7C917CF0 5 Bytes JMP 100019F0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 10001B30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 10001D90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 10001AF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 10001AD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10001D30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10001A70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10001A50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 10001A90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 10001D50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 10001CF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 10001D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001B50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 10001C90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 10001C10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!OpenFile 7C821982 2 Bytes JMP 10001B10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!OpenFile + 3 7C821985 2 Bytes [7E, 93] {JLE 0xffffffffffffff95}
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 10001BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 10001B70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 10001B90 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 10001CB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 10001CD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 10001C50 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 10001BF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 10001C70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 10001C30 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 10001BB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 10001D70 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 10001AB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ADVAPI32.dll!OpenServiceW 77DE6FFD 7 Bytes JMP 10001480 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 10001640 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 10001000 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 10001250 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 10007E80 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 10007BD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 10007D10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] SHELL32.dll!ShellExecuteExW 7CA098CB 5 Bytes JMP 10001E10 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] SHELL32.dll!ShellExecuteEx 7CA40E45 5 Bytes JMP 10001DF0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] SHELL32.dll!ShellExecuteA 7CA41170 5 Bytes JMP 10001DB0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\msiexec.exe[3932] SHELL32.dll!ShellExecuteW 7CAB5D48 5 Bytes JMP 10001DD0 c:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DFF780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DFF780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DFF780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B9DFF780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DFF780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DFF780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B9DFF740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DFF780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B9DFF6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B9DFF7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
---- Processes - GMER 1.0.15 ----

Library C:\Program (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [264] 0x017F0000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [264] 0x02440000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\winlogon.exe [1356] 0x011E0000

---- EOF - GMER 1.0.15 ----




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users