GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-09-09 03:21:19 Windows 6.0.6002 Service Pack 2 Running: gmer.exe; Driver: C:\Users\Declan\AppData\Local\Temp\uxryrpod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8F60D510] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8F60E8D2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8F60D6FC] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8F60C832] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8F60D176] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8F60C70E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8F60CEF4] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8F60E562] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8F60C0F6] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8F60E15A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8F60CACE] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8F60D352] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8F60CD7E] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8F60DBEE] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8F60DEA2] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8F60E352] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8F60CA68] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8F60CC6A] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8F60C50C] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8F60C2F6] SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8F60D80C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 119 81EBE87C 4 Bytes [10, D5, 60, 8F] .text ntkrnlpa.exe!KeSetEvent + 13D 81EBE8A0 8 Bytes CALL 58E87805 .text ntkrnlpa.exe!KeSetEvent + 1C1 81EBE924 4 Bytes [32, C8, 60, 8F] .text ntkrnlpa.exe!KeSetEvent + 1D9 81EBE93C 4 Bytes [76, D1, 60, 8F] .text ntkrnlpa.exe!KeSetEvent + 205 81EBE968 4 Bytes [0E, C7, 60, 8F] .text ... PAGE ntkrnlpa.exe!ObMakeTemporaryObject 81FE928F 5 Bytes JMP 8FA165D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject 82042063 5 Bytes JMP 8FA17FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ---- User code sections - GMER 1.0.15 ---- .text C:\Windows\system32\wininit.exe[640] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wininit.exe[640] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[684] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[696] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[708] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[904] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[952] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1028] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 004F7CB0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1076] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] wininet.dll!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1092] wininet.dll!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ADVAPI32.DLL!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ADVAPI32.DLL!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ADVAPI32.DLL!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ADVAPI32.DLL!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ADVAPI32.DLL!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ADVAPI32.DLL!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] SHELL32.DLL!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] SHELL32.DLL!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] SHELL32.DLL!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] SHELL32.DLL!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] WS2_32.DLL!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] WS2_32.DLL!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] WININET.DLL!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\VideoLAN\VLC\vlc.exe[1152] WININET.DLL!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] shell32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] shell32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] shell32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1156] shell32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[1344] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe[1376] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] shell32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] shell32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] shell32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] shell32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] WinInet.dll!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1588] WinInet.dll!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\nvvsvc.exe[1664] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\ApMsgFwd.exe[1712] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\agrsmsvc.exe[1752] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] WININET.dll!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] WININET.dll!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Hpservice.exe[1772] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!SetUnhandledExceptionFilter 76FDA84F 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] wininet.dll!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] wininet.dll!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2060] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2092] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2108] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe[2284] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2316] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[2332] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\rundll32.exe[2364] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2396] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[2416] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2424] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2452] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2472] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe[2500] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 003934C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 0038CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 00395CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 00395D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtClose 76E94314 5 Bytes JMP 0038CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 00395DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 00395E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 00395E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 00395D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 00395C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 00395D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 00395D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 00395D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 00395CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 00395CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 00395DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 00395C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 00395DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 00395E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 00395940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 00395BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 00395AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 00395B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 00395B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 00395A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 00395A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 00395A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 00395A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 00395BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 00395980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 00395C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 003959A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 00395C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 003959E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 003959C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 00395B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 00395BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 00395AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 00395A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 00395B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 00395AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 00395B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 00395960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 00395C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 00397420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 0038FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 0038F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 003965F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 00396890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 00396B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 00396DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 00397660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 003978A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 00395900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 003958C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 003958E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\SMINST\BLService.exe[2528] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 00395920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2552] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[2584] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[2612] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[2648] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] WININET.dll!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchProtocolHost.exe[2712] WININET.dll!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3372] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3412] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3436] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apoint.exe[3584] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Defender\MSASCui.exe[3592] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe[3624] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] KERNEL32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] shell32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] shell32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] shell32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] shell32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[3652] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[3816] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 006ECF90 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] WININET.dll!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3832] WININET.dll!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3844] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\WINDOWS\ehome\ehtray.exe[3852] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnscfg.exe[3860] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] WININET.dll!InternetConnectA 7558DEAE 5 Bytes JMP 100258A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3868] WININET.dll!InternetConnectW 7558F862 5 Bytes JMP 10025880 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3900] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[3936] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Apoint2K\Apntex.exe[3984] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe[4120] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[4368] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4404] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4432] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!KiUserExceptionDispatcher 76E95DC8 5 Bytes JMP 10025660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] WS2_32.dll!WSASocketW 755434EB 7 Bytes JMP 10025840 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] WS2_32.dll!WSASocketA 75548FA9 5 Bytes JMP 10025860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] SHELL32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] SHELL32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] SHELL32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Mozilla Firefox\firefox.exe[4636] SHELL32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!LdrLoadDll 76E59390 5 Bytes JMP 100234C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!LdrUnloadDll 76E6BA50 7 Bytes JMP 1001CFE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!LdrGetProcedureAddress 76E75A88 5 Bytes JMP 10025CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtAllocateVirtualMemory 76E94134 5 Bytes JMP 10025D20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtClose 76E94314 5 Bytes JMP 1001CEC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtCreateFile 76E943D4 5 Bytes JMP 10025DA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtCreateProcess 76E94494 5 Bytes JMP 10025E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtCreateProcessEx 76E944A4 5 Bytes JMP 10025E20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtDeleteFile 76E947B4 5 Bytes JMP 10025D60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtFreeVirtualMemory 76E94944 5 Bytes JMP 10025C60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtLoadDriver 76E94A64 5 Bytes JMP 10025D00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtOpenFile 76E94BB4 5 Bytes JMP 10025D80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtProtectVirtualMemory 76E94D34 5 Bytes JMP 10025D40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtSetInformationProcess 76E95324 5 Bytes JMP 10025CC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtUnloadDriver 76E95574 5 Bytes JMP 10025CE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!NtWriteVirtualMemory 76E95674 5 Bytes JMP 10025DC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ntdll.dll!RtlAllocateHeap 76E96570 5 Bytes JMP 10025C80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CreateProcessW 76FB1BF3 5 Bytes JMP 10025DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CreateProcessA 76FB1C28 5 Bytes JMP 10025E00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!VirtualProtect 76FB1DC3 5 Bytes JMP 10025940 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!OpenFile 76FB355A 5 Bytes JMP 10025BC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!MoveFileW 76FBA2F2 5 Bytes JMP 10025AC0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CopyFileExW 76FC0211 7 Bytes JMP 10025B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CopyFileW 76FC0299 5 Bytes JMP 10025B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!DeleteFileW 76FCF4B6 5 Bytes JMP 10025A00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!DeleteFileA 76FCF5D2 5 Bytes JMP 10025A20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!MoveFileWithProgressW 76FD10A4 5 Bytes JMP 10025A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!MoveFileExW 76FD10C8 5 Bytes JMP 10025A80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!LoadLibraryExW 76FD9109 7 Bytes JMP 10025BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!LoadLibraryW 76FD9362 5 Bytes JMP 10025980 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!LoadLibraryExA 76FD94B4 5 Bytes JMP 10025C00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!LoadLibraryA 76FD94DC 5 Bytes JMP 100259A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!GetProcAddress 76FF903B 5 Bytes JMP 10025C40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!GetModuleHandleA 76FF92A5 5 Bytes JMP 100259E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!GetModuleHandleW 76FFA804 5 Bytes JMP 100259C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CreateFileW 76FFAECB 5 Bytes JMP 10025B80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CreateFileA 76FFCE5F 5 Bytes JMP 10025BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!MoveFileExA 77000F0A 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!MoveFileWithProgressA 77000F2A 5 Bytes JMP 10025A60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CopyFileA 77002433 5 Bytes JMP 10025B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!MoveFileA 7703F641 5 Bytes JMP 10025AE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!CopyFileExA 770419F9 5 Bytes JMP 10025B20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!WinExec 77045CF7 5 Bytes JMP 10025960 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] kernel32.dll!LoadModule 77045E4F 5 Bytes JMP 10025C20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ADVAPI32.dll!CreateProcessAsUserA 76C5CEB9 5 Bytes JMP 1001FF40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ADVAPI32.dll!CreateProcessAsUserW 76C71EE9 5 Bytes JMP 1001F730 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ADVAPI32.dll!OpenServiceA 76C72EBD 7 Bytes JMP 100265F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ADVAPI32.dll!OpenServiceW 76C78354 7 Bytes JMP 10026890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ADVAPI32.dll!CreateServiceW 76C99EB4 7 Bytes JMP 10026B00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ADVAPI32.dll!CreateServiceA 76CD72A1 7 Bytes JMP 10026DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] USER32.dll!EndTask 76ACAD32 5 Bytes JMP 10027420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] shell32.dll!ShellExecuteW 75F89725 5 Bytes JMP 10025900 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] shell32.dll!ShellExecuteExW 75FDC155 5 Bytes JMP 100258C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] shell32.dll!ShellExecuteEx 7618A27A 5 Bytes JMP 100258E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] shell32.dll!ShellExecuteA 7618A315 5 Bytes JMP 10025920 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ole32.dll!CoGetClassObject 7569FABC 5 Bytes JMP 10027660 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\Declan\Desktop\gmer.exe[5196] ole32.dll!CoCreateInstanceEx 756B9EE9 5 Bytes JMP 100278A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186312a97 Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186312a97 (not active ControlSet) ---- EOF - GMER 1.0.15 ----