Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Found trojans and PC now very slow

Started by Africanlion , Jun 26 2011 09:29 PM

This topic is locked

#1
Africanlion

Posted 26 June 2011 - 09:29 PM

Member

Member
108 posts

My Microsoft Security Essentials popped up and reported finding a trojan which i promptly deleted/removed. Sorry i forget the name now. I then ran super antispyware scan and it found 2 trojans which i again deleted. Since then the computer has been running very very slowly. Web pages take like forever to load, Internet Explorer keeps freezing when i try to open programs, view pics etc and even more annoying is that i cant watch any FLV movies or files on the net including youtube. They keep buffering and stopping. I have installed and run scans with different antispywares with no luck at all. I have tried

Microsoft Security Essentials
Anti Malwarebytes
Super Antispyware
A Squared

Please help as i am desperate

#2
maliprog

Posted 28 June 2011 - 12:20 AM

Trusted Helper

Malware Removal
6,172 posts

Hello Africanlion and welcome to G2G!

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:

Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
Absence of symptoms does not always mean the computer is clean
Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
Please DO NOT run any scans or fix on your own without my direction.
Please read all of my response through at least once before attempting to follow the procedures described.
If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
You must reply within 3 days or your topic will be closed

Step 1

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Confirm deletion to all infection AVP finds
Once it has finished select report and post that.

Do not close AVPTool or it will self uninstall, if it does uninstall - then just rerun the setup file on your desktop

Step 2

Download OTL to your Desktop

Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
. Make sure all other windows are closed and to let it run uninterrupted.
Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 3

Download GMER from Here. Note the file's name and save it to your root folder, such as C:.

Disconnect from the Internet and close all running programs.
Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
Click on this link to see a list of programs that should be disabled.
Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
Allow the driver to load if asked.
You may be prompted to scan immediately if it detects rootkit activity.
If you are prompted to scan your system click "No", save the log and post back the results.
If not prompted, click the "Rootkit/Malware" tab.
On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
Select all drives that are connected to your system to be scanned.
Click the Scan button to begin. (Please be patient as it can take some time to complete)
When the scan is finished, click Save to save the scan results to your Desktop.
Save the file as Results.log and copy/paste the contents in your next reply.
Exit the program and re-enable all active protection when done.

Step 4

Please don't forget to include these items in your reply:

OTL log
OTL Extras log
GMER log
AVPTool log

It would be helpful if you could post each log in separate post

#3
Africanlion

Posted 29 June 2011 - 03:44 AM

Member

Topic Starter
Member
108 posts

hi malipgrog

AVPSTool found and reported nothing so no log

OTL logfile created on: 29/06/2011 03:07:10 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Tendai\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.87 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 33.59% Memory free
3.98 Gb Paging File | 1.75 Gb Available in Paging File | 44.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 54.42 Gb Total Space | 17.87 Gb Free Space | 32.83% Space Free | Partition Type: NTFS

Computer Name: TENDAI-PC | User Name: Tendai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/29 03:03:50 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Tendai\Desktop\OTL.scr
PRC - [2011/06/22 22:01:48 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/09 23:17:34 | 002,552,648 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/04/19 07:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/17 19:08:58 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:08:58 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/08/27 13:14:48 | 001,050,072 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006/12/15 18:11:46 | 000,577,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2006/12/14 20:09:48 | 000,493,688 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2006/12/14 20:07:26 | 000,411,768 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2006/12/13 10:33:24 | 000,094,208 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\TOSHIBA\Utilities\VolControl.exe
PRC - [2006/12/11 18:27:12 | 000,530,552 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2006/11/14 22:02:36 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2006/11/14 21:19:42 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2006/11/01 16:37:50 | 003,772,416 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/04/28 10:14:44 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

========== Modules (SafeList) ==========

MOD - [2011/06/29 03:03:50 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Tendai\Desktop\OTL.scr
MOD - [2011/05/02 20:36:04 | 000,284,744 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/02 09:06:18 | 001,359,664 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe -- (SynchronizationService.exe)
SRV - [2011/06/02 09:04:58 | 000,579,888 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO BackUp\COSService.exe -- (COSService.exe)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/26 04:43:20 | 000,154,424 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2011/05/25 15:14:34 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2011/05/09 09:38:44 | 001,779,792 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/04/19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/08/27 13:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/12/14 20:06:14 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/09/12 08:03:20 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

========== Driver Services (SafeList) ==========

DRV - [2011/06/28 12:45:56 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0C24DB96-3426-4A19-92A7-505AC5A37FF9}\MpKsl31d572f3.sys -- (MpKsl31d572f3)
DRV - [2011/06/02 09:07:06 | 000,075,160 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\drivers\bdisk.sys -- (bdisk)
DRV - [2011/06/02 09:06:58 | 000,125,624 | ---- | M] (COMODO Security Solutions Inc.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\CBUFS.sys -- (CBUfs)
DRV - [2011/06/02 09:06:48 | 000,430,528 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\cbvd.sys -- (cbvd)
DRV - [2011/06/02 09:06:32 | 000,429,480 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\cbreparse.sys -- (reparse)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/07 16:17:36 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011/05/02 20:36:34 | 000,036,568 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011/05/02 20:36:32 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/10/24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/09/01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/10/22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\00777662.sys -- (00777662)
DRV - [2009/10/09 23:31:02 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\0077766.sys -- (setup_9.0.0.722_24.06.2011_17-05drv)
DRV - [2009/09/25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\38013711.sys -- (38013711)
DRV - [2009/09/25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\00777661.sys -- (00777661)
DRV - [2007/11/09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/07/14 04:30:00 | 000,742,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/07/13 08:18:20 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/24 21:46:38 | 002,085,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/20 18:14:28 | 000,033,792 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2006/10/18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/12 09:18:14 | 000,007,680 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2006/08/31 06:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/02/14 18:50:52 | 000,216,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/02/14 18:41:20 | 000,208,256 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.buzqo.com/?cfg=2-401-0-...
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B 2C C1 B1 C7 2C CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {6778613D-616B-4A6C-9856-65DE943CF424} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/27 16:59:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/22 22:01:52 | 000,000,000 | ---D | M]

[2011/06/15 02:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tendai\AppData\Roaming\mozilla\Extensions
[2011/06/25 15:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tendai\AppData\Roaming\mozilla\Firefox\Profiles\rsun6w2c.default\extensions
[2011/06/21 23:02:51 | 000,001,735 | ---- | M] () -- C:\Users\Tendai\AppData\Roaming\Mozilla\Firefox\Profiles\rsun6w2c.default\searchplugins\ask.uk.xml
[2011/06/23 01:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/23 01:36:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/27 16:59:00 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/06/22 22:01:49 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jaureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TOSHIBA Volume Indicator] C:\Program Files\Toshiba\Utilities\VolControl.exe (TOSHIBA Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_24.06.2011_17-05.lnk = C:\Users\Tendai\Desktop\Virus Removal Tool\setup_9.0.0.722_24.06.2011_17-05\startup.exe ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Tendai\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tendai\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\Shell - "" = AutoRun
O33 - MountPoints2\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 03:03:29 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Tendai\Desktop\OTL.scr
[2011/06/29 02:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2011/06/28 17:28:45 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\00777661.sys
[2011/06/28 17:28:45 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\00777662.sys
[2011/06/28 17:28:44 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\0077766.sys
[2011/06/28 17:28:36 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Desktop\Virus Removal Tool
[2011/06/28 04:57:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/06/27 17:16:08 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\AVG10
[2011/06/27 17:06:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/06/27 17:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/06/27 16:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/06/27 16:29:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011/06/27 16:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/06/27 15:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/06/26 21:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2011/06/26 21:17:26 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Anti-Malware
[2011/06/25 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Backups
[2011/06/25 00:26:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2011/06/24 15:12:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/06/24 14:39:15 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\38013711.sys
[2011/06/24 14:22:39 | 099,725,416 | ---- | C] ( ) -- C:\Users\Tendai\Desktop\setup_9.0.0.722_24.06.2011_17-05.exe
[2011/06/23 23:06:09 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Comodo
[2011/06/23 22:03:14 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\Windows\System32\wbocx.ocx
[2011/06/23 22:03:14 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\System32\wbhelp2.dll
[2011/06/23 22:03:11 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\Windows\System32\anim.dll
[2011/06/23 21:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/06/23 17:44:43 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\ElevatedDiagnostics
[2011/06/22 23:52:26 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Desktop\gmer
[2011/06/22 22:28:52 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\AVS4YOU
[2011/06/22 22:20:04 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/06/22 22:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/06/22 22:09:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/06/22 22:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/06/22 22:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/06/22 21:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2011/06/22 21:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2011/06/22 17:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/06/22 17:18:02 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\My Albums
[2011/06/22 17:12:59 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\ArcSoft
[2011/06/22 16:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Camera Suite
[2011/06/22 16:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2011/06/22 16:24:15 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\pcdlib32.dll
[2011/06/22 03:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2011/06/22 03:24:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011/06/22 03:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2011/06/22 03:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011/06/22 02:12:39 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\dvd
[2011/06/22 00:50:48 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\System32\ssubtmr6.dll
[2011/06/22 00:50:47 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\System32\trayicon_handler.ocx
[2011/06/21 23:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
[2011/06/21 23:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Free YouTube Downloader
[2011/06/21 22:58:41 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/06/21 22:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/21 22:58:27 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/06/21 22:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/21 07:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/06/21 07:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/21 07:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/06/21 04:16:50 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Malwarebytes
[2011/06/21 04:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/19 23:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/06/19 23:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/06/19 23:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/06/19 23:05:07 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\WindowsUpdate
[2011/06/19 19:47:04 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Hotmail-5
[2011/06/19 19:30:57 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Hotmail-4
[2011/06/19 19:29:33 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Hotmail-3
[2011/06/19 19:27:06 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Hotmail-2
[2011/06/19 19:24:47 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Farm pics
[2011/06/19 19:22:23 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Hotmail
[2011/06/18 02:47:55 | 000,000,000 | ---D | C] -- C:\ProgramData\InterVideo
[2011/06/17 16:32:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/06/17 14:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/06/17 11:10:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/06/17 11:10:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/06/17 11:10:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/06/17 10:00:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/06/16 22:51:19 | 000,307,200 | ---- | C] (FLV.com) -- C:\Windows\System32\TubeFinder.exe
[2011/06/16 22:51:00 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\FreeFLVConverter
[2011/06/16 22:07:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/06/16 18:08:30 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2011/06/16 01:52:08 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
[2011/06/16 01:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011/06/16 00:50:38 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\OpenOffice.org
[2011/06/16 00:09:27 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\InterVideo
[2011/06/16 00:02:54 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Ulead Systems
[2011/06/16 00:02:40 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Ulead DVD MovieFactory
[2011/06/16 00:02:20 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\InterVideo
[2011/06/15 20:53:56 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Documents\Vuze Downloads
[2011/06/15 20:40:52 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Azureus
[2011/06/15 20:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze
[2011/06/15 04:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/06/15 03:51:25 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Toshiba
[2011/06/15 03:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/06/15 03:42:23 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/15 03:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2011/06/15 03:17:06 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\InstallShield
[2011/06/15 02:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2011/06/15 02:49:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
[2011/06/15 02:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2011/06/15 02:32:53 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Mozilla
[2011/06/15 02:32:53 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\Mozilla
[2011/06/15 02:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/06/15 02:29:43 | 000,506,368 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2011/06/15 02:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2011/06/15 02:29:28 | 000,000,000 | ---D | C] -- C:\temp
[2011/06/15 02:26:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/06/15 02:26:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/06/15 02:21:12 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/06/15 02:18:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/06/15 02:18:13 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Macromedia
[2011/06/15 02:17:30 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\Google
[2011/06/15 02:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/06/15 02:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/06/15 02:10:54 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011/06/15 02:05:41 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011/06/15 02:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/06/15 02:00:31 | 000,000,000 | ---D | C] -- C:\Users\Tendai\Desktop\OpenOffice.org 3.3 (en-GB) Installation Files
[2011/06/15 01:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2011/06/15 01:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2011/06/15 01:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 4.0
[2011/06/15 01:59:13 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
[2011/06/15 01:58:12 | 000,000,000 | ---D | C] -- C:\My Music
[2011/06/15 01:57:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011/06/15 01:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2011/06/15 01:57:46 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2011/06/15 01:57:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2011/06/15 01:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba TEMPRO
[2011/06/15 01:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\Toshiba TEMPRO
[2011/06/15 01:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/06/15 01:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio 5.0
[2011/06/15 01:51:52 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Adobe
[2011/06/15 01:51:52 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\Adobe
[2011/06/15 01:51:17 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\Secunia PSI
[2011/06/15 01:51:07 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/06/15 01:43:53 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\Toshiba
[2011/06/15 01:43:41 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\ATI
[2011/06/15 01:43:40 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\ATI
[2011/06/15 01:43:13 | 000,000,000 | R--D | C] -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/06/15 01:43:13 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Searches
[2011/06/15 01:43:13 | 000,000,000 | R--D | C] -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/06/15 01:43:03 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Roaming\Identities
[2011/06/15 01:42:59 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Contacts
[2011/06/15 01:42:58 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\VirtualStore
[2011/06/15 01:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\AppData\Local\Temporary Internet Files
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Templates
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Start Menu
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\SendTo
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Recent
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\PrintHood
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\NetHood
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Documents\My Videos
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Documents\My Pictures
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Documents\My Music
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\My Documents
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Local Settings
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\AppData\Local\History
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Cookies
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\Application Data
[2011/06/15 01:40:24 | 000,000,000 | -HSD | C] -- C:\Users\Tendai\AppData\Local\Application Data
[2011/06/15 01:40:21 | 000,000,000 | --SD | C] -- C:\Users\Tendai\AppData\Roaming\Microsoft
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Videos
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Saved Games
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Pictures
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Music
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Links
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Favorites
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Downloads
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Documents
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\Desktop
[2011/06/15 01:40:21 | 000,000,000 | R--D | C] -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/06/15 01:40:21 | 000,000,000 | -H-D | C] -- C:\Users\Tendai\AppData
[2011/06/15 01:40:21 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\Temp
[2011/06/15 01:40:21 | 000,000,000 | ---D | C] -- C:\Users\Tendai\AppData\Local\Microsoft
[2011/06/02 09:06:58 | 000,125,624 | ---- | C] (COMODO Security Solutions Inc.) -- C:\Windows\System32\drivers\cbufs.sys
[2011/06/02 09:06:38 | 000,570,584 | ---- | C] (COMODO Security Solutions Inc.) -- C:\Windows\System32\drivers\vdbus.sys
[2011/06/02 09:06:32 | 000,429,480 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\System32\drivers\cbreparse.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/29 03:23:08 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/29 03:03:50 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Tendai\Desktop\OTL.scr
[2011/06/29 02:45:36 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 02:45:35 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 02:22:34 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/28 17:40:25 | 000,002,165 | ---- | M] () -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_24.06.2011_17-05.lnk
[2011/06/28 12:58:44 | 000,611,296 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/28 12:58:44 | 000,109,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/28 12:45:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/28 12:17:58 | 120,225,783 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/06/27 17:05:20 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/06/26 19:18:16 | 000,000,680 | ---- | M] () -- C:\Users\Tendai\AppData\Local\d3d9caps.dat
[2011/06/24 14:36:50 | 099,725,416 | ---- | M] ( ) -- C:\Users\Tendai\Desktop\setup_9.0.0.722_24.06.2011_17-05.exe
[2011/06/24 06:46:42 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2011/06/24 06:37:52 | 000,001,062 | ---- | M] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk
[2011/06/24 06:37:52 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
[2011/06/23 22:35:02 | 000,000,045 | ---- | M] () -- C:\Windows\System32\_WKERNEL.FRE
[2011/06/23 18:55:45 | 000,015,872 | ---- | M] () -- C:\Users\Tendai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/22 23:36:33 | 000,293,977 | ---- | M] () -- C:\Users\Tendai\Desktop\gmer.zip
[2011/06/22 22:22:28 | 000,001,091 | ---- | M] () -- C:\Users\Tendai\Desktop\AVS4YOU Software Navigator.lnk
[2011/06/22 22:12:52 | 000,001,035 | ---- | M] () -- C:\Users\Tendai\Desktop\AVS Video Converter.lnk
[2011/06/22 03:27:20 | 000,000,924 | ---- | M] () -- C:\Users\Public\Desktop\COMODO BackUp.lnk
[2011/06/22 01:19:38 | 011,415,552 | ---- | M] () -- C:\Users\Tendai\Documents\movie.7.flv
[2011/06/21 23:01:52 | 000,001,815 | ---- | M] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
[2011/06/21 23:01:51 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube Downloader.lnk
[2011/06/21 22:58:52 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/21 08:00:24 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/06/20 23:21:39 | 000,008,284 | ---- | M] () -- C:\Windows\System32\eps_icon.avi
[2011/06/20 23:18:08 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011/06/20 03:39:37 | 008,833,024 | ---- | M] () -- C:\Users\Tendai\Documents\Wonderful_World___Sam_Cooke___UPGRADED(1)_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:37:24 | 008,974,336 | ---- | M] () -- C:\Users\Tendai\Documents\Tinchy_Stryder_Ft_Amelle_Berrabah___Never_Leave_You_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:33:52 | 008,833,024 | ---- | M] () -- C:\Users\Tendai\Documents\Air_Supply_I_m_all_out_of_love_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:28:26 | 008,869,888 | ---- | M] () -- C:\Users\Tendai\Documents\Smokey_Robinson___The_Tracks_Of_My_Tears_Live__1965(1)_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:23:56 | 016,439,296 | ---- | M] () -- C:\Users\Tendai\Documents\Just_When_I_Needed_You_Most_with_lyrics_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:11:38 | 011,190,272 | ---- | M] () -- C:\Users\Tendai\Documents\Adele___Someone_Like_You__Live_On_The_Brit_Awards_2011__15_02_11_DVD_(128x96)__dvd_auto.mpg
[2011/06/18 14:19:49 | 000,132,041 | ---- | M] () -- C:\Users\Tendai\Tindo.jpg
[2011/06/17 16:41:43 | 000,000,948 | ---- | M] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/17 16:32:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/06/17 16:00:41 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/06/17 16:00:41 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/06/17 16:00:21 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/06/17 11:18:17 | 000,282,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/17 11:05:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/06/17 00:38:46 | 000,000,943 | ---- | M] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/16 22:19:47 | 000,000,309 | ---- | M] () -- C:\Users\Tendai\AppData\Local\HamsterVideoConverterSettings.cfg
[2011/06/16 17:44:52 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2011/06/16 17:44:47 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2011/06/16 01:52:08 | 000,000,835 | ---- | M] () -- C:\Users\Tendai\Desktop\JDownloader.lnk
[2011/06/16 00:52:42 | 000,001,033 | ---- | M] () -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/06/15 20:40:23 | 000,001,638 | ---- | M] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/06/15 20:40:23 | 000,001,638 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/06/15 16:23:53 | 000,001,594 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2011/06/15 15:52:54 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2011/06/15 15:39:29 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2011/06/15 15:39:22 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2011/06/15 13:27:24 | 021,495,808 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2011/06/15 13:27:24 | 000,131,072 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2011/06/15 13:27:24 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2011/06/15 03:08:56 | 000,000,751 | ---- | M] () -- C:\Windows\Ulead32.ini
[2011/06/15 02:55:53 | 000,183,446 | ---- | M] () -- C:\Windows\EPSTPLOG.BAK
[2011/06/15 02:48:31 | 000,000,027 | ---- | M] () -- C:\Windows\CDE RX640E.ini
[2011/06/15 02:33:03 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/06/15 02:32:47 | 000,000,835 | ---- | M] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/15 02:32:47 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/15 02:29:24 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\TOSHIBA_Satellite L30_04822-EN_PSL33E-02902.MRK
[2011/06/15 02:26:16 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/06/15 02:22:10 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/15 02:10:55 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011/06/15 02:06:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2011/06/15 01:59:16 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader 4.0.lnk
[2011/06/15 01:58:11 | 000,001,774 | ---- | M] () -- C:\Users\Public\Desktop\Take5.lnk
[2011/06/15 01:58:11 | 000,000,836 | ---- | M] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer Basic.lnk
[2011/06/15 01:58:11 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Basic.lnk
[2011/06/15 01:57:46 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2011/06/15 01:57:17 | 000,001,673 | ---- | M] () -- C:\Users\Public\Desktop\Toshiba TEMPRO Alerts.lnk
[2011/06/15 01:55:24 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011/06/15 01:55:12 | 000,000,028 | ---- | M] () -- C:\Windows\Msdevctl.ini
[2011/06/15 01:55:05 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Ulead VideoStudio 5.0 DV.lnk
[2011/06/15 01:51:11 | 000,000,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/06/02 09:07:06 | 000,075,160 | ---- | M] () -- C:\Windows\System32\drivers\bdisk.sys
[2011/06/02 09:06:58 | 000,125,624 | ---- | M] (COMODO Security Solutions Inc.) -- C:\Windows\System32\drivers\cbufs.sys
[2011/06/02 09:06:48 | 000,430,528 | ---- | M] () -- C:\Windows\System32\drivers\CBVD.sys
[2011/06/02 09:06:38 | 000,570,584 | ---- | M] (COMODO Security Solutions Inc.) -- C:\Windows\System32\drivers\vdbus.sys
[2011/06/02 09:06:32 | 000,429,480 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\System32\drivers\cbreparse.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/28 17:40:25 | 000,002,165 | ---- | C] () -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_24.06.2011_17-05.lnk
[2011/06/28 12:17:58 | 120,225,783 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/06/27 17:05:20 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/06/26 19:18:16 | 000,000,680 | ---- | C] () -- C:\Users\Tendai\AppData\Local\d3d9caps.dat
[2011/06/24 06:46:42 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2011/06/24 06:37:52 | 000,001,062 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk
[2011/06/24 06:37:52 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
[2011/06/23 22:10:33 | 000,000,045 | ---- | C] () -- C:\Windows\System32\_WKERNEL.FRE
[2011/06/23 22:03:03 | 000,000,439 | ---- | C] () -- C:\Windows\System32\shfolder.inf
[2011/06/22 23:36:30 | 000,293,977 | ---- | C] () -- C:\Users\Tendai\Desktop\gmer.zip
[2011/06/22 22:22:28 | 000,001,091 | ---- | C] () -- C:\Users\Tendai\Desktop\AVS4YOU Software Navigator.lnk
[2011/06/22 22:12:52 | 000,001,035 | ---- | C] () -- C:\Users\Tendai\Desktop\AVS Video Converter.lnk
[2011/06/22 03:27:20 | 000,000,924 | ---- | C] () -- C:\Users\Public\Desktop\COMODO BackUp.lnk
[2011/06/22 03:26:09 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011/06/22 01:17:55 | 011,415,552 | ---- | C] () -- C:\Users\Tendai\Documents\movie.7.flv
[2011/06/21 23:01:52 | 000,001,815 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
[2011/06/21 23:01:51 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube Downloader.lnk
[2011/06/21 22:58:52 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/21 07:40:11 | 000,001,813 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/06/20 03:37:25 | 008,833,024 | ---- | C] () -- C:\Users\Tendai\Documents\Wonderful_World___Sam_Cooke___UPGRADED(1)_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:33:52 | 008,974,336 | ---- | C] () -- C:\Users\Tendai\Documents\Tinchy_Stryder_Ft_Amelle_Berrabah___Never_Leave_You_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:28:26 | 008,833,024 | ---- | C] () -- C:\Users\Tendai\Documents\Air_Supply_I_m_all_out_of_love_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:23:56 | 008,869,888 | ---- | C] () -- C:\Users\Tendai\Documents\Smokey_Robinson___The_Tracks_Of_My_Tears_Live__1965(1)_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 03:11:38 | 016,439,296 | ---- | C] () -- C:\Users\Tendai\Documents\Just_When_I_Needed_You_Most_with_lyrics_DVD_(128x96)__dvd_auto.mpg
[2011/06/20 02:55:38 | 011,190,272 | ---- | C] () -- C:\Users\Tendai\Documents\Adele___Someone_Like_You__Live_On_The_Brit_Awards_2011__15_02_11_DVD_(128x96)__dvd_auto.mpg
[2011/06/18 14:19:49 | 000,132,041 | ---- | C] () -- C:\Users\Tendai\Tindo.jpg
[2011/06/17 16:32:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/06/17 16:00:21 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/06/17 11:05:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/06/17 09:56:16 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/06/17 09:56:13 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2011/06/17 09:56:01 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/06/17 09:55:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/06/17 09:55:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/06/17 09:55:52 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/06/17 09:55:45 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/06/17 09:55:23 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/06/17 09:55:20 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/06/17 09:54:22 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/06/17 09:54:15 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/06/17 00:38:46 | 000,000,943 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/16 23:16:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/06/16 23:16:03 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/06/16 22:51:06 | 000,364,544 | ---- | C] () -- C:\Windows\System32\PropertyGrid.ocx
[2011/06/16 22:51:06 | 000,208,500 | ---- | C] () -- C:\Windows\System32\ReyXpBasics.tlb
[2011/06/16 22:51:01 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ControlSubX.ocx
[2011/06/16 22:19:45 | 000,000,309 | ---- | C] () -- C:\Users\Tendai\AppData\Local\HamsterVideoConverterSettings.cfg
[2011/06/16 22:02:11 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/06/16 22:02:11 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/06/16 22:02:10 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/06/16 18:37:15 | 000,000,954 | ---- | C] () -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/06/16 14:46:23 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2011/06/16 14:46:21 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2011/06/16 14:46:16 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2011/06/16 01:52:08 | 000,000,835 | ---- | C] () -- C:\Users\Tendai\Desktop\JDownloader.lnk
[2011/06/16 00:52:42 | 000,001,033 | ---- | C] () -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/06/15 20:40:23 | 000,001,638 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/06/15 20:40:23 | 000,001,638 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/06/15 20:40:23 | 000,001,638 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[2011/06/15 16:23:53 | 000,001,594 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2011/06/15 15:52:54 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2011/06/15 15:39:29 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/06/15 15:39:22 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2011/06/15 13:19:17 | 021,495,808 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2011/06/15 13:19:17 | 000,131,072 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2011/06/15 13:19:17 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2011/06/15 02:52:27 | 000,008,284 | ---- | C] () -- C:\Windows\System32\eps_icon.avi
[2011/06/15 02:52:26 | 000,183,446 | ---- | C] () -- C:\Windows\EPSTPLOG.BAK
[2011/06/15 02:49:59 | 000,000,770 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011/06/15 02:48:31 | 000,000,027 | ---- | C] () -- C:\Windows\CDE RX640E.ini
[2011/06/15 02:33:03 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/06/15 02:32:47 | 000,000,835 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/15 02:32:47 | 000,000,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/15 02:32:47 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/15 02:29:43 | 000,041,231 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2011/06/15 02:29:43 | 000,020,860 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2011/06/15 02:29:24 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\TOSHIBA_Satellite L30_04822-EN_PSL33E-02902.MRK
[2011/06/15 02:26:16 | 000,001,691 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/06/15 02:22:10 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/15 02:22:09 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/15 02:18:02 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/15 02:17:59 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/15 02:10:55 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011/06/15 01:59:49 | 000,015,872 | ---- | C] () -- C:\Users\Tendai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/15 01:59:16 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader 4.0.lnk
[2011/06/15 01:58:11 | 000,001,774 | ---- | C] () -- C:\Users\Public\Desktop\Take5.lnk
[2011/06/15 01:58:11 | 000,000,836 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer Basic.lnk
[2011/06/15 01:58:11 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Basic.lnk
[2011/06/15 01:57:33 | 000,001,673 | ---- | C] () -- C:\Users\Public\Desktop\Toshiba TEMPRO Alerts.lnk
[2011/06/15 01:55:12 | 000,000,751 | ---- | C] () -- C:\Windows\Ulead32.ini
[2011/06/15 01:55:12 | 000,000,028 | ---- | C] () -- C:\Windows\Msdevctl.ini
[2011/06/15 01:55:05 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Ulead VideoStudio 5.0 DV.lnk
[2011/06/15 01:51:11 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/06/15 01:51:11 | 000,000,827 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011/06/15 01:45:43 | 000,000,948 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/15 01:43:12 | 000,000,949 | ---- | C] () -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/06/15 01:42:59 | 000,000,880 | ---- | C] () -- C:\Users\Tendai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/06/15 01:40:22 | 000,000,258 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/06/15 01:40:22 | 000,000,240 | ---- | C] () -- C:\Users\Tendai\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/06/02 09:07:06 | 000,075,160 | ---- | C] () -- C:\Windows\System32\drivers\bdisk.sys
[2011/06/02 09:06:48 | 000,430,528 | ---- | C] () -- C:\Windows\System32\drivers\CBVD.sys
[2006/12/20 13:47:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2006/12/20 13:47:38 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2006/12/20 13:47:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2006/12/20 13:47:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2006/12/20 13:47:38 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2006/12/20 13:47:38 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2006/12/20 13:33:16 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2006/12/20 13:19:59 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2006/12/20 13:19:59 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2006/12/20 13:19:59 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2006/12/20 13:19:59 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2006/12/20 13:15:15 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/20 12:50:23 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/12/20 12:49:23 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2006/12/20 12:49:23 | 000,138,101 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:44:53 | 000,282,112 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 11:33:01 | 000,611,296 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,109,672 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/06/29 06:16:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[1995/10/21 10:37:52 | 000,035,328 | ---- | C] () -- C:\Windows\System32\INETWH32.DLL
[1995/10/21 10:37:52 | 000,035,328 | ---- | C] () -- C:\Windows\INETWH32.DLL

========== LOP Check ==========

[2011/06/27 17:16:08 | 000,000,000 | ---D | M] -- C:\Users\Tendai\AppData\Roaming\AVG10
[2011/06/24 03:34:22 | 000,000,000 | ---D | M] -- C:\Users\Tendai\AppData\Roaming\Azureus
[2011/06/16 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Tendai\AppData\Roaming\FreeFLVConverter
[2011/06/16 00:02:20 | 000,000,000 | ---D | M] -- C:\Users\Tendai\AppData\Roaming\InterVideo
[2011/06/16 00:50:38 | 000,000,000 | ---D | M] -- C:\Users\Tendai\AppData\Roaming\OpenOffice.org
[2011/06/15 03:51:25 | 000,000,000 | ---D | M] -- C:\Users\Tendai\AppData\Roaming\Toshiba
[2011/06/16 17:07:22 | 000,000,000 | ---D | M] -- C:\Users\Tendai\AppData\Roaming\Ulead Systems
[2011/06/28 12:43:16 | 000,021,756 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/06/15 14:40:09 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011/06/15 14:40:08 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2011/06/15 14:40:08 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2011/06/15 15:43:09 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2011/06/15 15:43:08 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2011/06/15 14:40:09 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/22 22:01:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/22 22:01:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/22 22:01:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/22 22:01:48 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/22 22:01:48 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/22 22:01:48 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/06/17 16:00:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/06/17 16:00:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/06/17 16:00:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/06/17 16:00:22 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/17 16:00:22 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/22 22:01:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/22 22:01:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/22 22:01:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/22 22:01:48 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/22 22:01:48 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/22 22:01:48 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/06/17 16:00:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/06/17 16:00:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/06/17 16:00:21 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/06/17 16:00:22 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/06/17 16:00:22 | 000,748,336 | ---- | M] (Microsoft Corporation)

< End of report >

OTL Extras logfile created on: 29/06/2011 03:07:10 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Tendai\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.87 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 33.59% Memory free
3.98 Gb Paging File | 1.75 Gb Available in Paging File | 44.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 54.42 Gb Total Space | 17.87 Gb Free Space | 32.83% Space Free | Partition Type: NTFS

Computer Name: TENDAI-PC | User Name: Tendai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08E57A90-6E20-4305-9D96-D89F1685332A}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{24EAFC99-BAAF-4C68-8943-FF3A5BB52FA1}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{4BEC0022-D37F-4A2E-815D-149B2320E537}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{76390BE3-E10C-44B8-9826-CA471CA256FF}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{94384CFC-DCAD-417D-9F01-1014C8409622}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{A54DEE76-EEAF-4973-B404-FA8C4721C2C7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{A9E9E514-59A7-43F8-AA08-142C269FD5B2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{CB139A5A-F873-4E00-9D86-EAD8D5EB13AE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"TCP Query User{3C966334-DCDA-48F9-A136-0CE4117D060E}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{4AC01A88-0E24-4731-85F6-826309808EE7}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{74DCE256-EA8D-4EEE-B700-C936F110A340}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{A7931ECE-D7F7-42F6-B274-704C9541590F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = TOSHIBA Manuals
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"{228814B2-6A64-4AD5-8D2D-4E2188DEB191}" = AVG 2011
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{27113CA3-36B8-48AB-A419-79CF1FC0ECED}" = Ulead VideoStudio 5.0 DV
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2BA8A909-F17C-4AE5-85C1-9107B7A60D26}" = Toshiba TEMPRO
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{44FEBA8C-2C89-E2A9-1423-AE5E5A42F472}" = ATI Catalyst Control Center Ex
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{98708E86-46E1-479D-B897-9802E591E762}" = TOSHIBA Volume Indicator
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.2.79
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}" = ArcSoft Camera Suite 1.3
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}" = COMODO BackUp
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BE998F99-4CEB-4E64-B717-493A2E9797F4}" = TOSHIBA Supervisor Password
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB90FF25-9932-48F2-B643-1802F1864FAF}" = AVG 2011
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EB0B41B1-E84F-483C-91FF-BB83019EE127}" = TOSHIBA Hardware Setup
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"8461-7759-5462-8226" = Vuze
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = TOSHIBA Software Modem
"AVG" = AVG 2011
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"COMODO GeekBuddy" = COMODO GeekBuddy
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{98708E86-46E1-479D-B897-9802E591E762}" = TOSHIBA Volume Indicator
"InstallShield_{BE998F99-4CEB-4E64-B717-493A2E9797F4}" = TOSHIBA Supervisor Password
"InstallShield_{EB0B41B1-E84F-483C-91FF-BB83019EE127}" = TOSHIBA Hardware Setup
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB)
"RealPlayer 6.0" = RealPlayer Basic
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Encoder 9" = Windows Media Encoder 9 Series

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22/06/2011 19:16:19 | Computer Name = Tendai-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 22/06/2011 19:28:47 | Computer Name = Tendai-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 22/06/2011 19:35:04 | Computer Name = Tendai-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 22/06/2011 19:56:01 | Computer Name = Tendai-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 5.0.0.4183 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 46c Start Time: 01cc311f9cf1736c Termination Time: 5393

Error - 22/06/2011 20:40:08 | Computer Name = Tendai-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 22/06/2011 20:40:08 | Computer Name = Tendai-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 22/06/2011 20:40:10 | Computer Name = Tendai-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 23/06/2011 05:31:27 | Computer Name = Tendai-PC | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.6002.18311, time stamp
0x4c8e2d72, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0xaa000080, process id 0x15f8, application start time
0x01cc31884d5f8d52.

Error - 23/06/2011 05:32:29 | Computer Name = Tendai-PC | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.6002.18311, time stamp
0x4c8e2d72, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0xaa000080, process id 0x17f8, application start time
0x01cc3188756c163a.

Error - 23/06/2011 12:57:33 | Computer Name = Tendai-PC | Source = Application Error | ID = 1000
Description = Faulting application DVDMF.exe, version 5.0.0.0, time stamp 0x455bd7f1,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x5c8ebb89, process id 0x9f4, application start time 0x01cc31c584d0c818.

[ System Events ]
Error - 16/06/2011 13:24:20 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 16/06/2011 13:24:20 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 16/06/2011 13:24:21 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 16/06/2011 13:24:21 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 16/06/2011 13:24:22 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 16/06/2011 13:24:22 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 16/06/2011 13:24:22 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 16/06/2011 13:24:22 | Computer Name = Tendai-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 16/06/2011 13:26:56 | Computer Name = Tendai-PC | Source = DCOM | ID = 10010
Description =

Error - 16/06/2011 13:30:33 | Computer Name = Tendai-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

< End of report >

#4
maliprog

Posted 29 June 2011 - 12:28 PM

Trusted Helper

Malware Removal
6,172 posts

OK. Post GMER log when it finish the scan.

#5
Africanlion

Posted 29 June 2011 - 02:18 PM

Member

Topic Starter
Member
108 posts

Hi maliprog, tried to post my GMER log but its being refused as being too long/too big for one post

#6
Africanlion

Posted 29 June 2011 - 04:05 PM

Member

Topic Starter
Member
108 posts

GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-29 21:12:39
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHV2060BH_PL rev.0000002A
Running: gmer.exe; Driver: C:\Users\Tendai\AppData\Local\Temp\kgliipob.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8CD6AE02]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8CD6C3AA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8CD6AFEE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8CD6A12C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8CD6AA68]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8CD6A00C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8CD6A7FC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8CD6C03C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8CD699F8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8CD6BA4C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8CD6A3F4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8CD6AC44]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8CD6A698]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8CD6B4E8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8CD6B79C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8CD6BD44]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8CD6A35E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8CD6A584]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8CD69E0E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8CD69BFC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8CD6B0FC]

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!KeInsertQueue + 309 81C74900 4 Bytes [02, AE, D6, 8C]
.text ntoskrnl.exe!KeInsertQueue + 32D 81C74924 8 Bytes [AA, C3, D6, 8C, EE, AF, D6, ...]
.text ntoskrnl.exe!KeInsertQueue + 3B1 81C749A8 4 Bytes [2C, A1, D6, 8C]
.text ntoskrnl.exe!KeInsertQueue + 3C9 81C749C0 4 Bytes [68, AA, D6, 8C]
.text ntoskrnl.exe!KeInsertQueue + 3F5 81C749EC 4 Bytes [0C, A0, D6, 8C]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtAlpcSendWaitReceivePort 76E240C4 5 Bytes JMP 100285E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1056] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 005166A0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1056] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 0052E5C0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 100279D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 100279B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 003D5680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 003CCF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 003D7D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 003D7E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtClose 76E24164 5 Bytes JMP 003CCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 003D7E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 003D7ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 003D7EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 003D7E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 003D74E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 003D7E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 003D7DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 003D7490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 003D7DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 003D7DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 003D7E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 003D7530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 003D26F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 003D3280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 003D7A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 003D7CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 003D7BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 003D7C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 003D7C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 003D7B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 003D7B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 003D7B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 003D7BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 003D7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 003D7AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 003D7D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 003D7AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 003D7D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 003D7B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 003D7AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 003D7CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 003D7CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 003D7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 003D7B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 003D7C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 003D7C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 003D7C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 003D7A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 003D7D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] USER32.dll!EndTask 7550AD32 5 Bytes JMP 003DDFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 003D1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 003D1220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 003DE1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 003DE420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 003D7970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 003D7990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 003D7A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 003D79F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 003D7A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 003D7A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 003D79D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)

#7
Africanlion

Posted 29 June 2011 - 04:06 PM

Member

Topic Starter
Member
108 posts

.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 003D79B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1664] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1728] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1776] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1784] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe[1824] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 00465680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 0045CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 00467D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 00467E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtClose 76E24164 5 Bytes JMP 0045CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 00467E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 00467ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 00467EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 00467E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 004674E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 00467E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 00467DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 00467490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 00467DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 00467DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 00467E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 00467530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 004626F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 00463280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 00467A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 00467CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 00467BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 00467C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 00467C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 00467B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 00467B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 00467B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 00467BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 00467D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 00467AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 00467D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 00467AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 00467D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 00467B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 00467AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 00467CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 00467CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 00467BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 00467B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 00467C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 00467C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 00467C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 00467A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 00467D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] USER32.dll!EndTask 7550AD32 5 Bytes JMP 0046DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 00461B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 00461220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 0046E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 0046E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 00467970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 00467990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 00467A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 004679F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 00467A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 00467A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 004679D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2076] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 004679B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 100279D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\COSService.exe[2100] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 100279B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2136] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2172] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)

#8
Africanlion

Posted 29 June 2011 - 04:11 PM

Member

Topic Starter
Member
108 posts

.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2220] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2244] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 100279D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 100279B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\PSIA.exe[2264] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 003C5680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 003BCF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 003C7D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 003C7E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtClose 76E24164 5 Bytes JMP 003BCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 003C7E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 003C7ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 003C7EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 003C7E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 003C74E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 003C7E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 003C7DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 003C7490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 003C7DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 003C7DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 003C7E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 003C7530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 003C26F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 003C3280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 003C7A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 003C7CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 003C7BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 003C7C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 003C7C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 003C7B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 003C7B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 003C7B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 003C7BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 003C7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 003C7AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 003C7D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 003C7AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 003C7D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 003C7B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 003C7AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 003C7CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 003C7CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 003C7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 003C7B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 003C7C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 003C7C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 003C7C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 003C7A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 003C7D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] USER32.dll!EndTask 7550AD32 5 Bytes JMP 003CDFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 003C1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 003C1220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 003CE1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Utilities\VolControl.exe[2312] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 003CE420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2368] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 100279D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe[2408] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 100279B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproSvc.exe[2456] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2492] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2528] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[2696] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2728] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\TODDSrv.exe[2904] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 00285680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 0027CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 00287D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 00287E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtClose 76E24164 5 Bytes JMP 0027CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 00287E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 00287ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 00287EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 00287E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 002874E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 00287E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 00287DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 00287490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 00287DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 00287DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 00287E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 00287530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 002826F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 00283280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 00287A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 00287CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 00287BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 00287C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 00287C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 00287B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 00287B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 00287B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 00287BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 00287D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 00287AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 00287D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 00287AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 00287D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 00287B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 00287AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 00287CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 00287CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 00287BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 00287B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 00287C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 00287C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 00287C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 00287A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 00287D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 00281B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 00281220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] USER32.dll!EndTask 7550AD32 5 Bytes JMP 0028DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 00287A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 002879F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 00287A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 00287A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 0028E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2924] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 0028E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtCreateFile 76E24224 5

#9
Africanlion

Posted 29 June 2011 - 04:12 PM

Member

Topic Starter
Member
108 posts

Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wuauclt.exe[2944] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[2992] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[3016] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3036] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe[3160] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[3488] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 0074A730 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\sua.exe[3528] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ws2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE[3556] ws2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[3756] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 003C5680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 003BCF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 003C7D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 003C7E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtClose 76E24164 5 Bytes JMP 003BCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 003C7E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 003C7ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 003C7EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 003C7E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 003C74E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 003C7E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 003C7DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 003C7490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 003C7DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 003C7DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 003C7E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 003C7530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 003C26F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 003C3280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 003C7A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 003C7CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 003C7BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 003C7C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 003C7C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 003C7B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 003C7B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 003C7B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 003C7BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 003C7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 003C7AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 003C7D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 003C7AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 003C7D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 003C7B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 003C7AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 003C7CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 003C7CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 003C7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 003C7B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 003C7C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 003C7C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 003C7C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 003C7A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 003C7D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 003C1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 003C1220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] USER32.dll!EndTask 7550AD32 5 Bytes JMP 003CDFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 003C7A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 003C79F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 003C7A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[4000] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 003C7A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe[4016] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[4024] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 100279D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 100279B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe[4060] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Users\Tendai\Desktop\gmer\gmer.exe[4284] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 00375680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 0036CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 00377D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 00377E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtClose 76E24164 5 Bytes JMP 0036CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 00377E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 00377ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 00377EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 00377E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 003774E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 00377E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 00377DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 00377490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 00377DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 00377DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 00377E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 00377530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 003726F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 00373280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 00377A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 00377CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 00377BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 00377C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 00377C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 00377B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 00377B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 00377B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 00377BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 00377D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 00377AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 00377D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 00377AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 00377D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 00377B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 00377AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 00377CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 00377CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 00377BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 00377B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 00377C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 00377C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 00377C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 00377A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 00377D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 00377A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 003779F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 00377A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 00377A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] USER32.dll!EndTask 7550AD32 5 Bytes JMP 0037DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 00371B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 00371220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 0037E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 0037E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 00377970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 00377990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 003779D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe[4296] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 003779B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ws2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4824] ws2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ws2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[4840] ws2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 03C55680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 03C4CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 03C57D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 03C57E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtClose 76E24164 5 Bytes JMP 03C4CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 03C57E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 03C57ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 03C57EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 03C57E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 03C574E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 03C57E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 03C57DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 03C57490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 03C57DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 03C57DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 03C57E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 03C57530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 03C526F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 03C53280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 03C57A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 03C57CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 03C57BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 03C57C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 03C57C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 03C57B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 03C57B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 03C57B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 03C57BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 03C57D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 03C57AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 03C57D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 03C57AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 03C57D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 03C57B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 03C57AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 03C57CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 03C57CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 03C57BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 03C57B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 03C57C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 03C57C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 03C57C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 03C57A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 03C57D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] USER32.dll!EndTask 7550AD32 5 Bytes JMP 03C5DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 03C51B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 03C51220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 03C57970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 03C57990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 03C5E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 03C5E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 03C57A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 03C579F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 03C57A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[5828] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 03C57A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73D27817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73D7A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73D2BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73D1F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73D275E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73D1E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73D58395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73D2DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73D1FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73D1FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73D171CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73DACAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73D4C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73D1D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73D16853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73D1687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[820] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73D22AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs CBUFS.sys (COMODO Safe Backup/COMODO Security Solutions Inc.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- EOF - GMER 1.0.15 ----

#10
maliprog

Posted 29 June 2011 - 11:31 PM

Trusted Helper

Malware Removal
6,172 posts

Hi Africanlion,

Step 1

You have more than one antivirus programs on your PC.

COMODO Internet Security and AVG

Please leave only one antivirus protection on your system and remove all other.

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

Step 2

Please remove Microsoft Defender

Click Start, Control Panel.
Click Add or Remove Programs.
Click Windows Defender, and click Remove.

Step 3

Please close all running programs and Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {6778613D-616B-4A6C-9856-65DE943CF424} - Reg Error: Key error. File not found
O33 - MountPoints2\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\Shell - "" = AutoRun
O33 - MountPoints2\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\Shell\AutoRun\command - "" = D:\AutoRun.exe

:Commands
[purity]
[Reboot]
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

#11
Africanlion

Posted 30 June 2011 - 11:13 AM

Member

Topic Starter
Member
108 posts

========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6778613D-616B-4A6C-9856-65DE943CF424} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6778613D-616B-4A6C-9856-65DE943CF424}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff4ccecc-a0ed-11e0-80cc-001636deac34}\ not found.
File D:\AutoRun.exe not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.24.1 log created on 06302011_175428

#12
maliprog

Posted 30 June 2011 - 11:43 AM

Trusted Helper

Malware Removal
6,172 posts

Please test your system and report here after this two steps.

Step 1

Go to Start -> My Computer
Right click on C: disk and clik on Properties
Click on tab Tools and click on Check now... button
Check Automatically fix system errors and Scan for and attempt recovery of bad sectors
Click Start button
Confirm schedule disk check next time computer starts with Yes button
Restart your system and wait while system checks your disk for errors

Step 2

Download and run Puran Disc Defragmenter
For the first run I would recommend a boot defrag and disk check

Posted Image

#13
Africanlion

Posted 30 June 2011 - 11:51 AM

Member

Topic Starter
Member
108 posts

Cool. How do i do a boot defrag please

#14
maliprog

Posted 30 June 2011 - 01:54 PM

Trusted Helper

Malware Removal
6,172 posts

See on attached picture. Press Boot Time Defrag button and choose Restart-Defrag-Restart option.

#15
Africanlion

Posted 30 June 2011 - 02:36 PM

Member

Topic Starter
Member
108 posts

Hi there wasnt an attached picture on your last post but i will try to see if i can do the defrag as you describe

In meantime Windows Explorer keeps crashing/freezing. Windows Media Player keeps stopping working everytime i try to use it