GMER 1.0.15.15641 -
http://www.gmer.net
Rootkit scan 2011-10-25 19:14:16
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1 ST3250820AS rev.3.ADG
Running: mf3q6bjw.exe; Driver: C:\Users\Hussains\AppData\Local\Temp\uxddykoc.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwAssignProcessToJobObject [0x8E30EFC0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwCreateFile [0x8E30FA56]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteFile [0x8E30FBD4]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteKey [0x8E31327C]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteValueKey [0x8E3132AE]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwLoadKey [0x8E313410]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenFile [0x8E30FB2C]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenProcess [0x8E30F104]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenThread [0x8E30F2F6]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwProtectVirtualMemory [0x8E30F428]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwQueryValueKey [0x8E313386]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRenameKey [0x8E3132F0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwReplaceKey [0x8E313322]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRestoreKey [0x8E313354]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetContextThread [0x8E30EF66]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetInformationFile [0x8E30FC40]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetValueKey [0x8E313214]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSuspendThread [0x8E30EF02]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwTerminateProcess [0x8E30EE56]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwTerminateThread [0x8E30EE9E]
SSDT \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus32_32029.sys ZwCreateThreadEx [0x8DD1F620]
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 191 82AAE914 4 Bytes [C0, EF, 30, 8E]
.text ntkrnlpa.exe!KeSetEvent + 1D9 82AAE95C 4 Bytes [56, FA, 30, 8E]
.text ntkrnlpa.exe!KeSetEvent + 2D1 82AAEA54 8 Bytes [D4, FB, 30, 8E, 7C, 32, 31, ...] {AAM 0xfb; XOR [ESI-0x71cecd84], CL}
.text ntkrnlpa.exe!KeSetEvent + 2E1 82AAEA64 4 Bytes [AE, 32, 31, 8E]
.text ntkrnlpa.exe!KeSetEvent + 381 82AAEB04 4 Bytes [10, 34, 31, 8E]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Windows\System32\spoolsv.exe[528] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[528] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] RPCRT4.dll!RpcServerRegisterIfEx 7685929C 5 Bytes JMP 1001F040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[596] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!RegisterRawInputDevices 764F6161 5 Bytes JMP 10018E40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SetWindowsHookExA 764F6322 5 Bytes JMP 1001CA60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SystemParametersInfoA 764F82E1 7 Bytes JMP 1001C5D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!GetAsyncKeyState 764F863C 5 Bytes JMP 10019060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SetWindowsHookExW 764F87AD 5 Bytes JMP 1001C7F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendNotifyMessageW 764F93D6 5 Bytes JMP 1001A0A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!MoveWindow 764F989F 5 Bytes JMP 10018B60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SetWinEventHook 764F9F3A 5 Bytes JMP 1001C0A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SetParent 764FA2AA 5 Bytes JMP 100188C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!PostThreadMessageA 764FBD34 5 Bytes JMP 1001B8C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!GetKeyboardState 764FBD7D 5 Bytes JMP 100195C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!RegisterHotKey 764FBDA5 5 Bytes JMP 10018080 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!EnableWindow 764FCD8B 5 Bytes JMP 10017DE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!PostMessageA 764FF8F8 5 Bytes JMP 1001BE00 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendMessageA 764FF956 5 Bytes JMP 1001B380 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendMessageTimeoutW 7650352D 5 Bytes JMP 1001AB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendMessageCallbackW 76504570 5 Bytes JMP 1001A5E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!PostThreadMessageW 76507C8E 5 Bytes JMP 1001B620 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!GetKeyState 76508CB1 5 Bytes JMP 10019310 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!PostMessageW 7650A175 5 Bytes JMP 1001BB60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendMessageW 76510AED 5 Bytes JMP 1001B0E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SystemParametersInfoW 765111D8 7 Bytes JMP 1001C3B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendDlgItemMessageA 7651275B 5 Bytes JMP 10019DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SetClipboardViewer 7651BA2D 5 Bytes JMP 100186C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendNotifyMessageA 7651DFCF 5 Bytes JMP 1001A340 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!BlockInput 7651FF0A 5 Bytes JMP 100184C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendMessageTimeoutA 76520006 5 Bytes JMP 1001AE20 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!mouse_event 7652044E 5 Bytes JMP 10029650 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendDlgItemMessageW 76520E38 5 Bytes JMP 10019B40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendInput 76522F75 5 Bytes JMP 10019870 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!GetClipboardData 7653715A 5 Bytes JMP 100182B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!ExitWindowsEx 7653B7C3 5 Bytes JMP 10017BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!keybd_event 7654D972 5 Bytes JMP 10029860 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] USER32.dll!SendMessageCallbackA 76552CA7 5 Bytes JMP 1001A8A0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!BitBlt 75DC70A6 5 Bytes JMP 100293C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!StretchBlt 75DC93D6 5 Bytes JMP 10028BE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!MaskBlt 75DCC5CB 5 Bytes JMP 10029110 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[664] GDI32.dll!PlgBlt 75DDEB50 5 Bytes JMP 10028E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] services.exe 00FD1628 4 Bytes [60, E1, 01, 10]
.text C:\Windows\system32\services.exe[700] services.exe 00FD1638 4 Bytes [40, DC, 01, 10]
.text C:\Windows\system32\services.exe[700] services.exe 00FD1658 4 Bytes [80, E4, 01, 10]
.text C:\Windows\system32\services.exe[700] services.exe 00FD1668 4 Bytes [C0, DE, 01, 10]
.text C:\Windows\system32\services.exe[700] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] RPCRT4.dll!RpcServerRegisterIfEx 7685929C 5 Bytes JMP 1001F040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[700] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[716] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[724] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] RPCRT4.dll!RpcServerRegisterIfEx 7685929C 5 Bytes JMP 1001F040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[908] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[952] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] RPCRT4.dll!RpcServerRegisterIfEx 7685929C 5 Bytes JMP 1001F040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] rpcss.dll!WhichService 74E23F84 8 Bytes JMP ED301001
.text C:\Windows\system32\svchost.exe[980] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[980] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1016] ntdll.dll!NtAllocateVirtualMemory 77753F84 5 Bytes JMP 00526240 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1016] ntdll.dll!NtCreateFile 77754224 5 Bytes JMP 0053F8A0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1136] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1200] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1260] ntdll.dll!KiUserApcDispatcher 77755B48 5 Bytes JMP 00414DC0 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (RapportMgmtService/Trusteer Ltd.)
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1260] kernel32.dll!LoadLibraryExW + 173 775193EF 4 Bytes JMP 71AA000A
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1260] WS2_32.dll!getaddrinfo 778C418A 5 Bytes JMP 71A40022
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1260] WS2_32.dll!gethostbyname 778D62D4 5 Bytes JMP 71AD0022
.text C:\Windows\System32\svchost.exe[1352] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1352] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1380] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] RPCRT4.dll!RpcServerRegisterIfEx 7685929C 5 Bytes JMP 1001F040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1392] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1504] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[1600] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1608] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1672] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\nvvsvc.exe[1740] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[1992] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2188] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2228] ntdll.dll!KiUserApcDispatcher 77755B48 5 Bytes JMP 00443F50 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (RapportService/Trusteer Ltd.)
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2228] kernel32.dll!LoadLibraryExW + 173 775193EF 4 Bytes JMP 71AC000A
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2228] USER32.dll!InSendMessageEx + 3B1 764FE6B0 6 Bytes JMP 71AE001E
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2228] WS2_32.dll!getaddrinfo 778C418A 5 Bytes JMP 71A20022
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2228] WS2_32.dll!gethostbyname 778D62D4 5 Bytes JMP 71A60022
.text C:\Windows\RtHDVCpl.exe[2312] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtHDVCpl.exe[2312] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[2360] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2412] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe[2416] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[2428] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] ntdll.dll!NtAllocateVirtualMemory 77753F84 5 Bytes JMP 0076BD10 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[2448] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iTunes\iTunesHelper.exe[2472] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[2484] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2564] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2620] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[2636] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehtray.exe[2692] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[2720] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2840] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[3344] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[3364] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[3552] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\ehome\ehmsas.exe[3816] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\iPod\bin\iPodService.exe[3992] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\WUDFHost.exe[4092] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[4668] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[4696] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[4744] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\mf3q6bjw.exe[5720] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] ntdll.dll!LdrLoadDll 777193A8 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] ntdll.dll!LdrUnloadDll 7772B740 7 Bytes JMP 1001D180 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] ntdll.dll!NtAlpcSendWaitReceivePort 777540C4 5 Bytes JMP 1002B4C0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] ntdll.dll!NtClose 77754164 5 Bytes JMP 1001D060 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] kernel32.dll!CreateProcessW 774F1BF3 5 Bytes JMP 10024F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] kernel32.dll!CreateProcessA 774F1C28 5 Bytes JMP 10025AA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] ADVAPI32.dll!CreateProcessAsUserA 7742CEB9 5 Bytes JMP 10024370 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] ADVAPI32.dll!CreateProcessAsUserW 77441EE9 5 Bytes JMP 10023A40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] GDI32.dll!DeleteDC 75DC68CD 5 Bytes JMP 10028BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] GDI32.dll!CreateDCW 75DCA91D 5 Bytes JMP 10029BA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] GDI32.dll!CreateDCA 75DCAA49 5 Bytes JMP 10029CA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wbem\wmiprvse.exe[5772] GDI32.dll!GetPixel 75DCBE90 5 Bytes JMP 10028970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [0064BB10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [0064BB10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0064BA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleHandleA] [0064BB10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] [0064BA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [0064BB10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0064BA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [GDI32.dll!DeleteObject] [0064A850] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [0064A7F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!RegisterClassW] [0064B240] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!RegisterClassA] [0064B180] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [0064ACE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [0064AC50] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetSystemMetrics] [0064B300] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0064BA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!DeleteObject] [0064A850] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [0064B5C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [0064AB10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetScrollInfo] [0064AAA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW] [0064B480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DrawEdge] [0064B780] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DrawFrameControl] [0064B7D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [0064A8A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColor] [0064A7F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!RegisterClassW] [0064B240] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [0064B700] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [0064ACE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSystemMetrics] [0064B300] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetScrollInfo] [0064A990] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [GDI32.dll!DeleteObject] [0064A850] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0064BA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0064BA10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [USER32.dll!SystemParametersInfoW] [0064B480] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [USER32.dll!GetSystemMetrics] [0064B300] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [USER32.dll!GetSysColor] [0064A7F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [USER32.dll!CallWindowProcW] [0064AB10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [USER32.dll!RegisterClassW] [0064B240] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\ole32.dll [USER32.dll!DefWindowProcW] [0064ACE0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0064BBA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0064B9D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [0064B0F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0064BA90] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2440] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] [0064BB10] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----