GMER 1.0.15.15640 -
http://www.gmer.net
Rootkit scan 2011-06-29 21:12:39
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHV2060BH_PL rev.0000002A
Running: gmer.exe; Driver: C:\Users\Tendai\AppData\Local\Temp\kgliipob.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8CD6AE02]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8CD6C3AA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8CD6AFEE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8CD6A12C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8CD6AA68]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8CD6A00C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8CD6A7FC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8CD6C03C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8CD699F8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8CD6BA4C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8CD6A3F4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8CD6AC44]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8CD6A698]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8CD6B4E8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8CD6B79C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8CD6BD44]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8CD6A35E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8CD6A584]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8CD69E0E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8CD69BFC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8CD6B0FC]
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!KeInsertQueue + 309 81C74900 4 Bytes [02, AE, D6, 8C]
.text ntoskrnl.exe!KeInsertQueue + 32D 81C74924 8 Bytes [AA, C3, D6, 8C, EE, AF, D6, ...]
.text ntoskrnl.exe!KeInsertQueue + 3B1 81C749A8 4 Bytes [2C, A1, D6, 8C]
.text ntoskrnl.exe!KeInsertQueue + 3C9 81C749C0 4 Bytes [68, AA, D6, 8C]
.text ntoskrnl.exe!KeInsertQueue + 3F5 81C749EC 4 Bytes [0C, A0, D6, 8C]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[12] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\agrsmsvc.exe[408] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] KERNEL32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Toshiba TEMPRO\TemproTray.exe[412] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[556] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Secunia\PSI\psi_tray.exe[580] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[688] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtAlpcSendWaitReceivePort 76E240C4 5 Bytes JMP 100285E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[772] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[784] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[796] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[820] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[952] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe[996] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1020] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[1032] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1056] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 005166A0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1056] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 0052E5C0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 100279D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] WININET.dll!InternetConnectW 76C05AD2 5 Bytes JMP 100279B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Microsoft Security Client\msseces.exe[1136] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1216] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Ati2evxx.exe[1304] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 10027970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 10027990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1324] shell32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1404] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1424] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1512] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1536] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 10027D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 10027E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtClose 76E24164 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 10027E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 10027ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 10027EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 10027E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 100274E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 10027E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 10027DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 10027490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 10027DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 10027DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 10027E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 10027530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 10027A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 10027CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 10027BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 10027C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 10027C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 10027B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 10027B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 10027B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 10027BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 10027D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 10027AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 10027D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 10027AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 10027D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 10027B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 10027AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 10027CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 10027CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 10027BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 10027B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 10027C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 10027C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 10027C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 10027A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 10027D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] USER32.dll!EndTask 7550AD32 5 Bytes JMP 1002DFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 10027A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 100279F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 10027A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 10027A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 1002E1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\taskeng.exe[1644] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 1002E420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!LdrLoadDll 76DE93A8 5 Bytes JMP 003D5680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!LdrUnloadDll 76DFB740 7 Bytes JMP 003CCF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!LdrGetProcedureAddress 76E057A0 5 Bytes JMP 003D7D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtAllocateVirtualMemory 76E23F84 5 Bytes JMP 003D7E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtClose 76E24164 5 Bytes JMP 003CCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtCreateFile 76E24224 5 Bytes JMP 003D7E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtCreateProcess 76E242E4 5 Bytes JMP 003D7ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtCreateProcessEx 76E242F4 5 Bytes JMP 003D7EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtDeleteFile 76E24604 5 Bytes JMP 003D7E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtFreeVirtualMemory 76E24794 5 Bytes JMP 003D74E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtLoadDriver 76E248B4 5 Bytes JMP 003D7E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtOpenFile 76E24A04 5 Bytes JMP 003D7DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtProtectVirtualMemory 76E24B84 5 Bytes JMP 003D7490 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtSetInformationProcess 76E25174 5 Bytes JMP 003D7DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtUnloadDriver 76E253C4 5 Bytes JMP 003D7DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!NtWriteVirtualMemory 76E254C4 5 Bytes JMP 003D7E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ntdll.dll!RtlAllocateHeap 76E263B0 5 Bytes JMP 003D7530 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateProcessW 75591BF3 5 Bytes JMP 003D26F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateProcessA 75591C28 5 Bytes JMP 003D3280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!VirtualProtect 75591DC3 5 Bytes JMP 003D7A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!OpenFile 7559355A 5 Bytes JMP 003D7CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileW 7559A2F2 5 Bytes JMP 003D7BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileExW 755A0211 7 Bytes JMP 003D7C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileW 755A0299 5 Bytes JMP 003D7C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!DeleteFileW 755AF4B6 5 Bytes JMP 003D7B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!DeleteFileA 755AF5D2 5 Bytes JMP 003D7B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileWithProgressW 755B10A4 5 Bytes JMP 003D7B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileExW 755B10C8 5 Bytes JMP 003D7BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryExW 755B9109 7 Bytes JMP 003D7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryW 755B9362 5 Bytes JMP 003D7AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryExA 755B94B4 5 Bytes JMP 003D7D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadLibraryA 755B94DC 5 Bytes JMP 003D7AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!GetProcAddress 755D903B 5 Bytes JMP 003D7D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!GetModuleHandleA 755D92A5 5 Bytes JMP 003D7B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!GetModuleHandleW 755DA804 5 Bytes JMP 003D7AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateFileW 755DAECB 5 Bytes JMP 003D7CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CreateFileA 755DCE5F 5 Bytes JMP 003D7CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileExA 755E0F0A 5 Bytes JMP 003D7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileWithProgressA 755E0F2A 5 Bytes JMP 003D7B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileA 755E2433 5 Bytes JMP 003D7C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!MoveFileA 7561F641 5 Bytes JMP 003D7C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!CopyFileExA 756219F9 5 Bytes JMP 003D7C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!WinExec 75625CF7 5 Bytes JMP 003D7A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] kernel32.dll!LoadModule 75625E4F 5 Bytes JMP 003D7D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] USER32.dll!EndTask 7550AD32 5 Bytes JMP 003DDFA0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ADVAPI32.dll!CreateProcessAsUserA 76F5CEB9 5 Bytes JMP 003D1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ADVAPI32.dll!CreateProcessAsUserW 76F71EE9 5 Bytes JMP 003D1220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ole32.dll!CoGetClassObject 7586FAE8 5 Bytes JMP 003DE1E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] ole32.dll!CoCreateInstanceEx 75889F81 5 Bytes JMP 003DE420 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] WS2_32.dll!WSASocketW 755634EB 7 Bytes JMP 003D7970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] WS2_32.dll!WSASocketA 75568FA9 5 Bytes JMP 003D7990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteW 75E59725 5 Bytes JMP 003D7A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteExW 75EAC155 5 Bytes JMP 003D79F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteEx 7605A292 5 Bytes JMP 003D7A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] SHELL32.dll!ShellExecuteA 7605A32D 5 Bytes JMP 003D7A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1656] WININET.dll!InternetConnectA 76C05456 5 Bytes JMP 003D79D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)