Skocz do zawartości

  2. Przeglądanie profilu: Posty: kuba206

kuba206

Rejestracja: 06 sty 2009
OFFLINE Ostatnio: 03 08 2010 23:13
-----

Moje posty

W temacie: Logi - Rootkit wykryty przez Combofix'a

17 05 2010 - 18:25

ok thx za wielką pomoc :P
to w takim razie pewnie od comodo te bo on filtruje wszystkie połączenia wiec moze dopisał B)
thx raz jeszcze
pozdro

W temacie: Logi - Rootkit wykryty przez Combofix'a

17 05 2010 - 17:27

a te podczepione wpisy mozna jakoś usunąć ? zrobie przed usunięciem kopie zapasową więc jak by sie coś popsuło to zgram i bd jak dawniej.
tylko jak usunąć te dodatkowe wpisy ?

W temacie: Logi - Rootkit wykryty przez Combofix'a

17 05 2010 - 00:47

ok to zamieszczam tu na fotum powinien byc cały ;>


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-16 23:17:18
Windows 5.1.2600 Dodatek Service Pack 3
Running: vy6gbm33.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\kxldqpow.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwAdjustPrivilegesToken [0xB43FDBDA]
SSDT            8A639580                                                                                                                                    ZwAssignProcessToJobObject
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwConnectPort [0xB43FD1B8]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwCreateFile [0xB43FD840]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwCreateKey [0xB43FE35A]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwCreatePort [0xB43FD09A]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwCreateSection [0xB43FF06A]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwCreateSymbolicLinkObject [0xB43FF302]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwCreateThread [0xB43FCC60]
SSDT            8A63A100                                                                                                                                    ZwDebugActiveProcess
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwDeleteKey [0xB43FDFC4]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwDeleteValueKey [0xB43FE174]
SSDT            8A639B30                                                                                                                                    ZwDuplicateObject
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwLoadDriver [0xB43FECEC]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwMakeTemporaryObject [0xB43FD43C]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwOpenFile [0xB43FDA1C]
SSDT            8A638CC0                                                                                                                                    ZwOpenProcess
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwOpenSection [0xB43FD6CC]
SSDT            8A638FC0                                                                                                                                    ZwOpenThread
SSDT            8A6399C0                                                                                                                                    ZwProtectVirtualMemory
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwRenameKey [0xB43FE720]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwRequestWaitReplyPort [0xB43FF648]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwSecureConnectPort [0xB43FEA88]
SSDT            8A639860                                                                                                                                    ZwSetContextThread
SSDT            8A6396E0                                                                                                                                    ZwSetInformationThread
SSDT            8A636700                                                                                                                                    ZwSetSecurityObject
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwSetSystemInformation [0xB43FEE9A]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwSetValueKey [0xB43FE520]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwShutdownSystem [0xB43FD3D6]
SSDT            8A639420                                                                                                                                    ZwSuspendProcess
SSDT            8A6392C0                                                                                                                                    ZwSuspendThread
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                  ZwSystemDebugControl [0xB43FD5C0]
SSDT            8A638E50                                                                                                                                    ZwTerminateProcess
SSDT            8A639150                                                                                                                                    ZwTerminateThread
SSDT            8A639F50                                                                                                                                    ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwCallbackReturn + 2F0C                                                                                                        80504798 4 Bytes  JMP 60E4B43F 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2FB8                                                                                                        80504844 12 Bytes  [20, 94, 63, 8A, C0, 92, 63, ...]
.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                                                    section is writeable [0xB6DD4360, 0x32E00D, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtAllocateVirtualMemory                                               7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtClose                                                               7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtCreateFile                                                          7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtCreateProcess                                                       7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtCreateProcessEx                                                     7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtDeleteFile                                                          7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtFreeVirtualMemory                                                   7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtLoadDriver                                                          7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtOpenFile                                                            7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtProtectVirtualMemory                                                7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtSetInformationProcess                                               7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtUnloadDriver                                                        7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!NtWriteVirtualMemory                                                  7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!RtlAllocateHeap                                                       7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!LdrLoadDll                                                            7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!LdrUnloadDll                                                          7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ntdll.dll!LdrGetProcedureAddress                                                7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CreateFileA                                                        7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!VirtualProtect                                                     7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!LoadLibraryExW                                                     7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!LoadLibraryExA                                                     7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!LoadLibraryA                                                       7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CreateProcessW                                                     7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CreateProcessA                                                     7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!GetProcAddress                                                     7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!LoadLibraryW                                                       7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!GetModuleHandleA                                                   7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!GetModuleHandleW                                                   7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CreateFileW                                                        7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!MoveFileWithProgressW                                              7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!MoveFileW                                                          7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!OpenFile                                                           7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!OpenFile + 3                                                       7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CopyFileExW                                                        7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CopyFileA                                                          7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CopyFileW                                                          7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!DeleteFileA                                                        7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!DeleteFileW                                                        7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!MoveFileExW                                                        7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!MoveFileA                                                          7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!MoveFileWithProgressA                                              7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!MoveFileExA                                                        7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!CopyFileExA                                                        7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!WinExec                                                            7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] kernel32.dll!LoadModule                                                         7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] USER32.dll!EndTask                                                              7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ADVAPI32.dll!OpenServiceW                                                       77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ADVAPI32.dll!OpenServiceA                                                       77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ADVAPI32.dll!CreateServiceA                                                     77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] ADVAPI32.dll!CreateServiceW                                                     77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] SHELL32.dll!ShellExecuteExW                                                     7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] SHELL32.dll!ShellExecuteEx                                                      7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] SHELL32.dll!ShellExecuteA                                                       7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe[176] SHELL32.dll!ShellExecuteW                                                       7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtAllocateVirtualMemory                                                                   7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtClose                                                                                   7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtCreateFile                                                                              7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtCreateProcess                                                                           7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtCreateProcessEx                                                                         7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtDeleteFile                                                                              7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtFreeVirtualMemory                                                                       7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtLoadDriver                                                                              7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtOpenFile                                                                                7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtProtectVirtualMemory                                                                    7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtSetInformationProcess                                                                   7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtUnloadDriver                                                                            7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!NtWriteVirtualMemory                                                                      7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!RtlAllocateHeap                                                                           7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!LdrLoadDll                                                                                7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!LdrUnloadDll                                                                              7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ntdll.dll!LdrGetProcedureAddress                                                                    7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CreateFileA                                                                            7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!VirtualProtect                                                                         7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!LoadLibraryExW                                                                         7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!LoadLibraryExA                                                                         7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!LoadLibraryA                                                                           7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CreateProcessW                                                                         7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CreateProcessA                                                                         7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!GetProcAddress                                                                         7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!LoadLibraryW                                                                           7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!GetModuleHandleA                                                                       7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!GetModuleHandleW                                                                       7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CreateFileW                                                                            7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!MoveFileWithProgressW                                                                  7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!MoveFileW                                                                              7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!OpenFile                                                                               7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!OpenFile + 3                                                                           7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CopyFileExW                                                                            7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CopyFileA                                                                              7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CopyFileW                                                                              7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!DeleteFileA                                                                            7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!DeleteFileW                                                                            7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!MoveFileExW                                                                            7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!MoveFileA                                                                              7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!MoveFileWithProgressA                                                                  7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!MoveFileExA                                                                            7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!CopyFileExA                                                                            7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!WinExec                                                                                7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] kernel32.dll!LoadModule                                                                             7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] USER32.dll!EndTask                                                                                  7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ADVAPI32.dll!OpenServiceW                                                                           77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ADVAPI32.dll!OpenServiceA                                                                           77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ADVAPI32.dll!CreateServiceA                                                                         77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ADVAPI32.dll!CreateServiceW                                                                         77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] SHELL32.dll!ShellExecuteExW                                                                         7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] SHELL32.dll!ShellExecuteEx                                                                          7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] SHELL32.dll!ShellExecuteA                                                                           7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] SHELL32.dll!ShellExecuteW                                                                           7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ole32.dll!CoCreateInstanceEx                                                                        774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Vtune\TBPanel.exe[212] ole32.dll!CoGetClassObject                                                                          775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtAllocateVirtualMemory                                                  7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtClose                                                                  7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtCreateFile                                                             7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtCreateProcess                                                          7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtCreateProcessEx                                                        7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtDeleteFile                                                             7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtFreeVirtualMemory                                                      7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtLoadDriver                                                             7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtOpenFile                                                               7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtProtectVirtualMemory                                                   7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtSetInformationProcess                                                  7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtUnloadDriver                                                           7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!NtWriteVirtualMemory                                                     7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!RtlAllocateHeap                                                          7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!LdrLoadDll                                                               7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!LdrUnloadDll                                                             7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ntdll.dll!LdrGetProcedureAddress                                                   7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CreateFileA                                                           7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!VirtualProtect                                                        7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!LoadLibraryExW                                                        7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!LoadLibraryExA                                                        7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!LoadLibraryA                                                          7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CreateProcessW                                                        7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CreateProcessA                                                        7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!GetProcAddress                                                        7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!LoadLibraryW                                                          7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!GetModuleHandleA                                                      7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!GetModuleHandleW                                                      7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CreateFileW                                                           7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!MoveFileWithProgressW                                                 7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!MoveFileW                                                             7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!OpenFile                                                              7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!OpenFile + 3                                                          7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CopyFileExW                                                           7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CopyFileA                                                             7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CopyFileW                                                             7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!DeleteFileA                                                           7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!DeleteFileW                                                           7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!MoveFileExW                                                           7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!MoveFileA                                                             7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!MoveFileWithProgressA                                                 7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!SetUnhandledExceptionFilter                                           7C8449FD 4 Bytes  [C2, 04, 00, 00]
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!MoveFileExA                                                           7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!CopyFileExA                                                           7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!WinExec                                                               7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] kernel32.dll!LoadModule                                                            7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] WS2_32.dll!WSASocketW                                                              71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] WS2_32.dll!WSASocketA                                                              71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ADVAPI32.dll!OpenServiceW                                                          77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ADVAPI32.dll!OpenServiceA                                                          77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ADVAPI32.dll!CreateServiceA                                                        77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ADVAPI32.dll!CreateServiceW                                                        77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] USER32.dll!EndTask                                                                 7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] SHELL32.dll!ShellExecuteExW                                                        7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] SHELL32.dll!ShellExecuteEx                                                         7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] SHELL32.dll!ShellExecuteA                                                          7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] SHELL32.dll!ShellExecuteW                                                          7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ole32.dll!CoCreateInstanceEx                                                       774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[408] ole32.dll!CoGetClassObject                                                         775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtAllocateVirtualMemory                                                        7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtClose                                                                        7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtCreateFile                                                                   7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtCreateProcess                                                                7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtCreateProcessEx                                                              7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtDeleteFile                                                                   7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtFreeVirtualMemory                                                            7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtLoadDriver                                                                   7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtOpenFile                                                                     7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtProtectVirtualMemory                                                         7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtSetInformationProcess                                                        7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtUnloadDriver                                                                 7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!NtWriteVirtualMemory                                                           7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!RtlAllocateHeap                                                                7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!LdrLoadDll                                                                     7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!LdrUnloadDll                                                                   7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ntdll.dll!LdrGetProcedureAddress                                                         7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CreateFileA                                                                 7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!VirtualProtect                                                              7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!LoadLibraryExW                                                              7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!LoadLibraryExA                                                              7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!LoadLibraryA                                                                7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CreateProcessW                                                              7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CreateProcessA                                                              7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!GetProcAddress                                                              7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!LoadLibraryW                                                                7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!GetModuleHandleA                                                            7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!GetModuleHandleW                                                            7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CreateFileW                                                                 7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!MoveFileWithProgressW                                                       7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!MoveFileW                                                                   7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!OpenFile                                                                    7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!OpenFile + 3                                                                7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CopyFileExW                                                                 7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CopyFileA                                                                   7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CopyFileW                                                                   7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!DeleteFileA                                                                 7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!DeleteFileW                                                                 7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!MoveFileExW                                                                 7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!MoveFileA                                                                   7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!MoveFileWithProgressA                                                       7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!MoveFileExA                                                                 7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!CopyFileExA                                                                 7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!WinExec                                                                     7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] kernel32.dll!LoadModule                                                                  7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ADVAPI32.dll!OpenServiceW                                                                77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ADVAPI32.dll!OpenServiceA                                                                77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ADVAPI32.dll!CreateServiceA                                                              77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ADVAPI32.dll!CreateServiceW                                                              77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] USER32.dll!EndTask                                                                       7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ole32.dll!CoCreateInstanceEx                                                             774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[484] ole32.dll!CoGetClassObject                                                               775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtAllocateVirtualMemory                                                               7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtClose                                                                               7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtCreateFile                                                                          7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtCreateProcess                                                                       7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtCreateProcessEx                                                                     7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtDeleteFile                                                                          7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtFreeVirtualMemory                                                                   7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtLoadDriver                                                                          7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtOpenFile                                                                            7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtProtectVirtualMemory                                                                7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtSetInformationProcess                                                               7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtUnloadDriver                                                                        7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!NtWriteVirtualMemory                                                                  7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!RtlAllocateHeap                                                                       7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!LdrLoadDll                                                                            7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!LdrUnloadDll                                                                          7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ntdll.dll!LdrGetProcedureAddress                                                                7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CreateFileA                                                                        7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!VirtualProtect                                                                     7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!LoadLibraryExW                                                                     7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!LoadLibraryExA                                                                     7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!LoadLibraryA                                                                       7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CreateProcessW                                                                     7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CreateProcessA                                                                     7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!GetProcAddress                                                                     7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!LoadLibraryW                                                                       7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!GetModuleHandleA                                                                   7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!GetModuleHandleW                                                                   7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CreateFileW                                                                        7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!MoveFileWithProgressW                                                              7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!MoveFileW                                                                          7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!OpenFile                                                                           7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!OpenFile + 3                                                                       7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CopyFileExW                                                                        7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CopyFileA                                                                          7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CopyFileW                                                                          7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!DeleteFileA                                                                        7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!DeleteFileW                                                                        7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!MoveFileExW                                                                        7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!MoveFileA                                                                          7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!MoveFileWithProgressA                                                              7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!MoveFileExA                                                                        7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!CopyFileExA                                                                        7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!WinExec                                                                            7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] kernel32.dll!LoadModule                                                                         7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] WS2_32.dll!WSASocketW                                                                           71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] WS2_32.dll!WSASocketA                                                                           71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ADVAPI32.dll!OpenServiceW                                                                       77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ADVAPI32.dll!OpenServiceA                                                                       77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ADVAPI32.dll!CreateServiceA                                                                     77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ADVAPI32.dll!CreateServiceW                                                                     77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ole32.dll!CoCreateInstanceEx                                                                    774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] ole32.dll!CoGetClassObject                                                                      775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Java\jre6\bin\jqs.exe[516] USER32.dll!EndTask                                                                              7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtAllocateVirtualMemory                                                                      7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtClose                                                                                      7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtCreateFile                                                                                 7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtCreateProcess                                                                              7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtCreateProcessEx                                                                            7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtDeleteFile                                                                                 7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtFreeVirtualMemory                                                                          7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtLoadDriver                                                                                 7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtOpenFile                                                                                   7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtProtectVirtualMemory                                                                       7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtSetInformationProcess                                                                      7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtUnloadDriver                                                                               7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!NtWriteVirtualMemory                                                                         7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!RtlAllocateHeap                                                                              7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!LdrLoadDll                                                                                   7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!LdrUnloadDll                                                                                 7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ntdll.dll!LdrGetProcedureAddress                                                                       7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CreateFileA                                                                               7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!VirtualProtect                                                                            7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!LoadLibraryExW                                                                            7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!LoadLibraryExA                                                                            7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!LoadLibraryA                                                                              7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CreateProcessW                                                                            7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CreateProcessA                                                                            7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!GetProcAddress                                                                            7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!LoadLibraryW                                                                              7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!GetModuleHandleA                                                                          7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!GetModuleHandleW                                                                          7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CreateFileW                                                                               7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!MoveFileWithProgressW                                                                     7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!MoveFileW                                                                                 7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!OpenFile                                                                                  7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!OpenFile + 3                                                                              7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CopyFileExW                                                                               7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CopyFileA                                                                                 7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CopyFileW                                                                                 7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!DeleteFileA                                                                               7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!DeleteFileW                                                                               7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!MoveFileExW                                                                               7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!MoveFileA                                                                                 7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!MoveFileWithProgressA                                                                     7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!MoveFileExA                                                                               7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!CopyFileExA                                                                               7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!WinExec                                                                                   7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] kernel32.dll!LoadModule                                                                                7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] USER32.dll!EndTask                                                                                     7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ADVAPI32.dll!OpenServiceW                                                                              77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ADVAPI32.dll!OpenServiceA                                                                              77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ADVAPI32.dll!CreateServiceA                                                                            77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\nvsvc32.exe[540] ADVAPI32.dll!CreateServiceW                                                                            77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] WS2_32.dll!WSASocketW                                                                                 71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] WS2_32.dll!WSASocketA                                                                                 71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\HPZipm12.exe[552] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] WS2_32.dll!WSASocketW                                                                                 71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\PnkBstrA.exe[584] WS2_32.dll!WSASocketA                                                                                 71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\services.exe[812] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtAllocateVirtualMemory                                                                        7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtClose                                                                                        7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtCreateFile                                                                                   7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtCreateProcess                                                                                7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtCreateProcessEx                                                                              7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtDeleteFile                                                                                   7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtFreeVirtualMemory                                                                            7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtLoadDriver                                                                                   7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtOpenFile                                                                                     7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtProtectVirtualMemory                                                                         7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtSetInformationProcess                                                                        7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtUnloadDriver                                                                                 7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!NtWriteVirtualMemory                                                                           7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!RtlAllocateHeap                                                                                7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!LdrLoadDll                                                                                     7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!LdrUnloadDll                                                                                   7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ntdll.dll!LdrGetProcedureAddress                                                                         7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CreateFileA                                                                                 7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!VirtualProtect                                                                              7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!LoadLibraryExW                                                                              7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!LoadLibraryExA                                                                              7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!LoadLibraryA                                                                                7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CreateProcessW                                                                              7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CreateProcessA                                                                              7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!GetProcAddress                                                                              7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!LoadLibraryW                                                                                7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!GetModuleHandleA                                                                            7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!GetModuleHandleW                                                                            7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CreateFileW                                                                                 7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!MoveFileWithProgressW                                                                       7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!MoveFileW                                                                                   7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!OpenFile                                                                                    7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!OpenFile + 3                                                                                7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CopyFileExW                                                                                 7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CopyFileA                                                                                   7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CopyFileW                                                                                   7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!DeleteFileA                                                                                 7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!DeleteFileW                                                                                 7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!MoveFileExW                                                                                 7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!MoveFileA                                                                                   7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!MoveFileWithProgressA                                                                       7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!MoveFileExA                                                                                 7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!CopyFileExA                                                                                 7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!WinExec                                                                                     7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] kernel32.dll!LoadModule                                                                                  7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ADVAPI32.dll!OpenServiceW                                                                                77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ADVAPI32.dll!OpenServiceA                                                                                77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ADVAPI32.dll!CreateServiceA                                                                              77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ADVAPI32.dll!CreateServiceW                                                                              77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] USER32.dll!EndTask                                                                                       7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] WS2_32.dll!WSASocketW                                                                                    71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] WS2_32.dll!WSASocketA                                                                                    71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ole32.dll!CoCreateInstanceEx                                                                             774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] ole32.dll!CoGetClassObject                                                                               775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] SHELL32.dll!ShellExecuteExW                                                                              7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] SHELL32.dll!ShellExecuteEx                                                                               7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] SHELL32.dll!ShellExecuteA                                                                                7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\lsass.exe[824] SHELL32.dll!ShellExecuteW                                                                                7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1000] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1028] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1068] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1164] ntdll.dll!NtAllocateVirtualMemory                                       7C90CF50 5 Bytes  JMP 0040FD50 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1188] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1344] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\svchost.exe[1412] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\spoolsv.exe[1536] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtAllocateVirtualMemory                                                                             7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtClose                                                                                             7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtCreateFile                                                                                        7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtCreateProcess                                                                                     7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtCreateProcessEx                                                                                   7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtDeleteFile                                                                                        7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtFreeVirtualMemory                                                                                 7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtLoadDriver                                                                                        7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtOpenFile                                                                                          7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtProtectVirtualMemory                                                                              7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtSetInformationProcess                                                                             7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtUnloadDriver                                                                                      7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!NtWriteVirtualMemory                                                                                7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!RtlAllocateHeap                                                                                     7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!LdrLoadDll                                                                                          7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!LdrUnloadDll                                                                                        7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ntdll.dll!LdrGetProcedureAddress                                                                              7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CreateFileA                                                                                      7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!VirtualProtect                                                                                   7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!LoadLibraryExW                                                                                   7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!LoadLibraryExA                                                                                   7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!LoadLibraryA                                                                                     7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CreateProcessW                                                                                   7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CreateProcessA                                                                                   7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!LoadLibraryW                                                                                     7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!GetModuleHandleA                                                                                 7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!GetModuleHandleW                                                                                 7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CreateFileW                                                                                      7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!MoveFileWithProgressW                                                                            7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!MoveFileW                                                                                        7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!OpenFile                                                                                         7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!OpenFile + 3                                                                                     7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CopyFileExW                                                                                      7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CopyFileA                                                                                        7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CopyFileW                                                                                        7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!DeleteFileA                                                                                      7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!DeleteFileW                                                                                      7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!MoveFileExW                                                                                      7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!MoveFileA                                                                                        7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!MoveFileWithProgressA                                                                            7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!MoveFileExA                                                                                      7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!CopyFileExA                                                                                      7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!WinExec                                                                                          7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] kernel32.dll!LoadModule                                                                                       7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ADVAPI32.dll!OpenServiceW                                                                                     77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ADVAPI32.dll!OpenServiceA                                                                                     77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ADVAPI32.dll!CreateServiceA                                                                                   77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ADVAPI32.dll!CreateServiceW                                                                                   77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] USER32.dll!EndTask                                                                                            7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ole32.dll!CoCreateInstanceEx                                                                                  774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] ole32.dll!CoGetClassObject                                                                                    775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] WININET.dll!InternetConnectA                                                                                  771B3452 5 Bytes  JMP 10001E30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] WININET.dll!InternetConnectW                                                                                  771BEE00 5 Bytes  JMP 10001E50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] SHELL32.dll!ShellExecuteExW                                                                                   7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] SHELL32.dll!ShellExecuteEx                                                                                    7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] SHELL32.dll!ShellExecuteA                                                                                     7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\Explorer.EXE[1916] SHELL32.dll!ShellExecuteW                                                                                     7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtAllocateVirtualMemory                                          7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtClose                                                          7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtCreateFile                                                     7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtCreateProcess                                                  7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtCreateProcessEx                                                7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtDeleteFile                                                     7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtFreeVirtualMemory                                              7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtLoadDriver                                                     7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtOpenFile                                                       7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtProtectVirtualMemory                                           7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtSetInformationProcess                                          7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtUnloadDriver                                                   7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!NtWriteVirtualMemory                                             7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!RtlAllocateHeap                                                  7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!LdrLoadDll                                                       7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!LdrUnloadDll                                                     7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ntdll.dll!LdrGetProcedureAddress                                           7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CreateFileA                                                   7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!VirtualProtect                                                7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!LoadLibraryExW                                                7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!LoadLibraryExA                                                7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!LoadLibraryA                                                  7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CreateProcessW                                                7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CreateProcessA                                                7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!GetProcAddress                                                7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!LoadLibraryW                                                  7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!GetModuleHandleA                                              7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!GetModuleHandleW                                              7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CreateFileW                                                   7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!MoveFileWithProgressW                                         7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!MoveFileW                                                     7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!OpenFile                                                      7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!OpenFile + 3                                                  7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CopyFileExW                                                   7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CopyFileA                                                     7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CopyFileW                                                     7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!DeleteFileA                                                   7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!DeleteFileW                                                   7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!MoveFileExW                                                   7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!MoveFileA                                                     7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!MoveFileWithProgressA                                         7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!MoveFileExA                                                   7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!CopyFileExA                                                   7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!WinExec                                                       7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] kernel32.dll!LoadModule                                                    7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ADVAPI32.dll!OpenServiceW                                                  77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ADVAPI32.dll!OpenServiceA                                                  77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ADVAPI32.dll!CreateServiceA                                                77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ADVAPI32.dll!CreateServiceW                                                77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] USER32.dll!EndTask                                                         7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] WININET.dll!InternetConnectA                                               771B3452 5 Bytes  JMP 10001E30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] WININET.dll!InternetConnectW                                               771BEE00 5 Bytes  JMP 10001E50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ole32.dll!CoCreateInstanceEx                                               774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] ole32.dll!CoGetClassObject                                                 775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] SHELL32.dll!ShellExecuteExW                                                7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] SHELL32.dll!ShellExecuteEx                                                 7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] SHELL32.dll!ShellExecuteA                                                  7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[1972] SHELL32.dll!ShellExecuteW                                                  7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtAllocateVirtualMemory                                                                              7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtClose                                                                                              7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtCreateFile                                                                                         7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtCreateProcess                                                                                      7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtCreateProcessEx                                                                                    7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtDeleteFile                                                                                         7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtFreeVirtualMemory                                                                                  7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtLoadDriver                                                                                         7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtOpenFile                                                                                           7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtProtectVirtualMemory                                                                               7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtSetInformationProcess                                                                              7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtUnloadDriver                                                                                       7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!NtWriteVirtualMemory                                                                                 7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!RtlAllocateHeap                                                                                      7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!LdrLoadDll                                                                                           7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!LdrUnloadDll                                                                                         7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!LdrGetProcedureAddress                                                                               7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CreateFileA                                                                                       7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!VirtualProtect                                                                                    7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!LoadLibraryExW                                                                                    7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!LoadLibraryExA                                                                                    7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!LoadLibraryA                                                                                      7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CreateProcessW                                                                                    7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CreateProcessA                                                                                    7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!GetProcAddress                                                                                    7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!LoadLibraryW                                                                                      7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!GetModuleHandleA                                                                                  7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!GetModuleHandleW                                                                                  7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CreateFileW                                                                                       7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!MoveFileWithProgressW                                                                             7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!MoveFileW                                                                                         7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!OpenFile                                                                                          7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!OpenFile + 3                                                                                      7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CopyFileExW                                                                                       7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CopyFileA                                                                                         7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CopyFileW                                                                                         7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!DeleteFileA                                                                                       7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!DeleteFileW                                                                                       7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!MoveFileExW                                                                                       7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!MoveFileA                                                                                         7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!MoveFileWithProgressA                                                                             7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!MoveFileExA                                                                                       7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!CopyFileExA                                                                                       7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!WinExec                                                                                           7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!LoadModule                                                                                        7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!OpenServiceW                                                                                      77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!OpenServiceA                                                                                      77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!CreateServiceA                                                                                    77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!CreateServiceW                                                                                    77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ole32.dll!CoCreateInstanceEx                                                                                   774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] ole32.dll!CoGetClassObject                                                                                     775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] USER32.dll!EndTask                                                                                             7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] SHELL32.dll!ShellExecuteExW                                                                                    7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] SHELL32.dll!ShellExecuteEx                                                                                     7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] SHELL32.dll!ShellExecuteA                                                                                      7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\RTHDCPL.EXE[1980] SHELL32.dll!ShellExecuteW                                                                                      7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtAllocateVirtualMemory                                                                    7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtClose                                                                                    7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtCreateFile                                                                               7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtCreateProcess                                                                            7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtCreateProcessEx                                                                          7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtDeleteFile                                                                               7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtFreeVirtualMemory                                                                        7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtLoadDriver                                                                               7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtOpenFile                                                                                 7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtProtectVirtualMemory                                                                     7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtSetInformationProcess                                                                    7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtUnloadDriver                                                                             7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!NtWriteVirtualMemory                                                                       7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!RtlAllocateHeap                                                                            7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!LdrLoadDll                                                                                 7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!LdrUnloadDll                                                                               7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ntdll.dll!LdrGetProcedureAddress                                                                     7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CreateFileA                                                                             7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!VirtualProtect                                                                          7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!LoadLibraryExW                                                                          7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!LoadLibraryExA                                                                          7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!LoadLibraryA                                                                            7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CreateProcessW                                                                          7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CreateProcessA                                                                          7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!GetProcAddress                                                                          7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!LoadLibraryW                                                                            7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!GetModuleHandleA                                                                        7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!GetModuleHandleW                                                                        7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CreateFileW                                                                             7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!MoveFileWithProgressW                                                                   7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!MoveFileW                                                                               7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!OpenFile                                                                                7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!OpenFile + 3                                                                            7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CopyFileExW                                                                             7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CopyFileA                                                                               7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CopyFileW                                                                               7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!DeleteFileA                                                                             7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!DeleteFileW                                                                             7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!MoveFileExW                                                                             7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!MoveFileA                                                                               7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!MoveFileWithProgressA                                                                   7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!MoveFileExA                                                                             7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!CopyFileExA                                                                             7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!WinExec                                                                                 7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] kernel32.dll!LoadModule                                                                              7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] USER32.dll!EndTask                                                                                   7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ADVAPI32.dll!OpenServiceW                                                                            77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ADVAPI32.dll!OpenServiceA                                                                            77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ADVAPI32.dll!CreateServiceA                                                                          77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ADVAPI32.dll!CreateServiceW                                                                          77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ole32.dll!CoCreateInstanceEx                                                                         774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] ole32.dll!CoGetClassObject                                                                           775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] SHELL32.dll!ShellExecuteExW                                                                          7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] SHELL32.dll!ShellExecuteEx                                                                           7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] SHELL32.dll!ShellExecuteA                                                                            7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[2016] SHELL32.dll!ShellExecuteW                                                                            7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtAllocateVirtualMemory                                                 7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtClose                                                                 7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtCreateFile                                                            7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtCreateProcess                                                         7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtCreateProcessEx                                                       7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtDeleteFile                                                            7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtFreeVirtualMemory                                                     7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtLoadDriver                                                            7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtOpenFile                                                              7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtProtectVirtualMemory                                                  7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtSetInformationProcess                                                 7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtUnloadDriver                                                          7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!NtWriteVirtualMemory                                                    7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!RtlAllocateHeap                                                         7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!LdrLoadDll                                                              7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!LdrUnloadDll                                                            7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ntdll.dll!LdrGetProcedureAddress                                                  7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CreateFileA                                                          7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!VirtualProtect                                                       7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!LoadLibraryExW                                                       7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!LoadLibraryExA                                                       7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!LoadLibraryA                                                         7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CreateProcessW                                                       7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CreateProcessA                                                       7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!GetProcAddress                                                       7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!LoadLibraryW                                                         7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!GetModuleHandleA                                                     7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!GetModuleHandleW                                                     7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CreateFileW                                                          7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!MoveFileWithProgressW                                                7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!MoveFileW                                                            7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!OpenFile                                                             7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!OpenFile + 3                                                         7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CopyFileExW                                                          7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CopyFileA                                                            7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CopyFileW                                                            7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!DeleteFileA                                                          7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!DeleteFileW                                                          7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!MoveFileExW                                                          7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!MoveFileA                                                            7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!MoveFileWithProgressA                                                7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!MoveFileExA                                                          7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!CopyFileExA                                                          7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!WinExec                                                              7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] kernel32.dll!LoadModule                                                           7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] USER32.dll!EndTask                                                                7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ADVAPI32.dll!OpenServiceW                                                         77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ADVAPI32.dll!OpenServiceA                                                         77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ADVAPI32.dll!CreateServiceA                                                       77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ADVAPI32.dll!CreateServiceW                                                       77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] SHELL32.dll!ShellExecuteExW                                                       7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] SHELL32.dll!ShellExecuteEx                                                        7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] SHELL32.dll!ShellExecuteA                                                         7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] SHELL32.dll!ShellExecuteW                                                         7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ole32.dll!CoCreateInstanceEx                                                      774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe[2028] ole32.dll!CoGetClassObject                                                        775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] ntdll.dll!NtAllocateVirtualMemory                                            7C90CF50 5 Bytes  JMP 0050E060 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtAllocateVirtualMemory                                                               7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtClose                                                                               7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtCreateFile                                                                          7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtCreateProcess                                                                       7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtCreateProcessEx                                                                     7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtDeleteFile                                                                          7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtFreeVirtualMemory                                                                   7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtLoadDriver                                                                          7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtOpenFile                                                                            7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtProtectVirtualMemory                                                                7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtSetInformationProcess                                                               7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtUnloadDriver                                                                        7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!NtWriteVirtualMemory                                                                  7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!RtlAllocateHeap                                                                       7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!LdrLoadDll                                                                            7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!LdrUnloadDll                                                                          7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ntdll.dll!LdrGetProcedureAddress                                                                7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CreateFileA                                                                        7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!VirtualProtect                                                                     7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!LoadLibraryExW                                                                     7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!LoadLibraryExA                                                                     7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!LoadLibraryA                                                                       7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CreateProcessW                                                                     7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CreateProcessA                                                                     7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!GetProcAddress                                                                     7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!LoadLibraryW                                                                       7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!GetModuleHandleA                                                                   7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!GetModuleHandleW                                                                   7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CreateFileW                                                                        7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!MoveFileWithProgressW                                                              7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!MoveFileW                                                                          7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!OpenFile                                                                           7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!OpenFile + 3                                                                       7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CopyFileExW                                                                        7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CopyFileA                                                                          7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CopyFileW                                                                          7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!DeleteFileA                                                                        7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!DeleteFileW                                                                        7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!MoveFileExW                                                                        7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!MoveFileA                                                                          7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!MoveFileWithProgressA                                                              7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!MoveFileExA                                                                        7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!CopyFileExA                                                                        7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!WinExec                                                                            7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] kernel32.dll!LoadModule                                                                         7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ADVAPI32.dll!OpenServiceW                                                                       77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ADVAPI32.dll!OpenServiceA                                                                       77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ADVAPI32.dll!CreateServiceA                                                                     77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ADVAPI32.dll!CreateServiceW                                                                     77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] USER32.dll!EndTask                                                                              7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ole32.dll!CoCreateInstanceEx                                                                    774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] ole32.dll!CoGetClassObject                                                                      775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] SHELL32.dll!ShellExecuteExW                                                                     7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] SHELL32.dll!ShellExecuteEx                                                                      7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] SHELL32.dll!ShellExecuteA                                                                       7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiapsrv.exe[2368] SHELL32.dll!ShellExecuteW                                                                       7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wscntfy.exe[2432] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtAllocateVirtualMemory                      7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtClose                                      7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtCreateFile                                 7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtCreateProcess                              7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtCreateProcessEx                            7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtDeleteFile                                 7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtFreeVirtualMemory                          7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtLoadDriver                                 7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtOpenFile                                   7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtProtectVirtualMemory                       7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtSetInformationProcess                      7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtUnloadDriver                               7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!NtWriteVirtualMemory                         7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!RtlAllocateHeap                              7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!LdrLoadDll                                   7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!LdrUnloadDll                                 7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ntdll.dll!LdrGetProcedureAddress                       7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CreateFileA                               7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!VirtualProtect                            7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!LoadLibraryExW                            7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!LoadLibraryExA                            7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!LoadLibraryA                              7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CreateProcessW                            7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CreateProcessA                            7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!GetProcAddress                            7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!LoadLibraryW                              7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!GetModuleHandleA                          7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!GetModuleHandleW                          7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CreateFileW                               7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!MoveFileWithProgressW                     7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!MoveFileW                                 7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!OpenFile                                  7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!OpenFile + 3                              7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CopyFileExW                               7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CopyFileA                                 7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CopyFileW                                 7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!DeleteFileA                               7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!DeleteFileW                               7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!MoveFileExW                               7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!MoveFileA                                 7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!MoveFileWithProgressA                     7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!MoveFileExA                               7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!CopyFileExA                               7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!WinExec                                   7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] kernel32.dll!LoadModule                                7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ADVAPI32.dll!OpenServiceW                              77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ADVAPI32.dll!OpenServiceA                              77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ADVAPI32.dll!CreateServiceA                            77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] ADVAPI32.dll!CreateServiceW                            77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] USER32.dll!EndTask                                     7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] shell32.dll!ShellExecuteExW                            7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] shell32.dll!ShellExecuteEx                             7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] shell32.dll!ShellExecuteA                              7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\vy6gbm33.exe[2496] shell32.dll!ShellExecuteW                              7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtAllocateVirtualMemory                                                                         7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtClose                                                                                         7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtCreateFile                                                                                    7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtCreateProcess                                                                                 7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtCreateProcessEx                                                                               7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtDeleteFile                                                                                    7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtFreeVirtualMemory                                                                             7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtLoadDriver                                                                                    7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtOpenFile                                                                                      7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtProtectVirtualMemory                                                                          7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtSetInformationProcess                                                                         7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtUnloadDriver                                                                                  7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtWriteVirtualMemory                                                                            7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!RtlAllocateHeap                                                                                 7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!LdrLoadDll                                                                                      7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!LdrUnloadDll                                                                                    7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!LdrGetProcedureAddress                                                                          7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CreateFileA                                                                                  7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!VirtualProtect                                                                               7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!LoadLibraryExW                                                                               7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!LoadLibraryExA                                                                               7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!LoadLibraryA                                                                                 7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CreateProcessW                                                                               7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CreateProcessA                                                                               7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!GetProcAddress                                                                               7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!LoadLibraryW                                                                                 7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!GetModuleHandleA                                                                             7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!GetModuleHandleW                                                                             7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CreateFileW                                                                                  7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!MoveFileWithProgressW                                                                        7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!MoveFileW                                                                                    7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!OpenFile                                                                                     7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!OpenFile + 3                                                                                 7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CopyFileExW                                                                                  7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CopyFileA                                                                                    7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CopyFileW                                                                                    7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!DeleteFileA                                                                                  7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!DeleteFileW                                                                                  7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!MoveFileExW                                                                                  7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!MoveFileA                                                                                    7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!MoveFileWithProgressA                                                                        7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!MoveFileExA                                                                                  7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CopyFileExA                                                                                  7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!WinExec                                                                                      7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!LoadModule                                                                                   7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] USER32.dll!EndTask                                                                                        7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ADVAPI32.dll!OpenServiceW                                                                                 77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ADVAPI32.dll!OpenServiceA                                                                                 77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ADVAPI32.dll!CreateServiceA                                                                               77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ADVAPI32.dll!CreateServiceW                                                                               77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ole32.dll!CoCreateInstanceEx                                                                              774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] ole32.dll!CoGetClassObject                                                                                775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] WS2_32.dll!WSASocketW                                                                                     71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] WS2_32.dll!WSASocketA                                                                                     71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] SHELL32.dll!ShellExecuteExW                                                                               7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] SHELL32.dll!ShellExecuteEx                                                                                7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] SHELL32.dll!ShellExecuteA                                                                                 7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\System32\alg.exe[2556] SHELL32.dll!ShellExecuteW                                                                                 7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtAllocateVirtualMemory                                                               7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtClose                                                                               7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtCreateFile                                                                          7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtCreateProcess                                                                       7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtCreateProcessEx                                                                     7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtDeleteFile                                                                          7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtFreeVirtualMemory                                                                   7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtLoadDriver                                                                          7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtOpenFile                                                                            7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtProtectVirtualMemory                                                                7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtSetInformationProcess                                                               7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtUnloadDriver                                                                        7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!NtWriteVirtualMemory                                                                  7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!RtlAllocateHeap                                                                       7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!LdrLoadDll                                                                            7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!LdrUnloadDll                                                                          7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ntdll.dll!LdrGetProcedureAddress                                                                7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CreateFileA                                                                        7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!VirtualProtect                                                                     7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!LoadLibraryExW                                                                     7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!LoadLibraryExA                                                                     7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!LoadLibraryA                                                                       7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CreateProcessW                                                                     7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CreateProcessA                                                                     7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!GetProcAddress                                                                     7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!LoadLibraryW                                                                       7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!GetModuleHandleA                                                                   7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!GetModuleHandleW                                                                   7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CreateFileW                                                                        7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!MoveFileWithProgressW                                                              7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!MoveFileW                                                                          7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!OpenFile                                                                           7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!OpenFile + 3                                                                       7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CopyFileExW                                                                        7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CopyFileA                                                                          7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CopyFileW                                                                          7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!DeleteFileA                                                                        7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!DeleteFileW                                                                        7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!MoveFileExW                                                                        7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!MoveFileA                                                                          7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!MoveFileWithProgressA                                                              7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!MoveFileExA                                                                        7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!CopyFileExA                                                                        7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!WinExec                                                                            7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] kernel32.dll!LoadModule                                                                         7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ADVAPI32.dll!OpenServiceW                                                                       77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ADVAPI32.dll!OpenServiceA                                                                       77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ADVAPI32.dll!CreateServiceA                                                                     77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ADVAPI32.dll!CreateServiceW                                                                     77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] USER32.dll!EndTask                                                                              7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ole32.dll!CoCreateInstanceEx                                                                    774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] ole32.dll!CoGetClassObject                                                                      775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] WS2_32.dll!WSASocketW                                                                           71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] WS2_32.dll!WSASocketA                                                                           71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] SHELL32.dll!ShellExecuteExW                                                                     7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] SHELL32.dll!ShellExecuteEx                                                                      7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] SHELL32.dll!ShellExecuteA                                                                       7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] SHELL32.dll!ShellExecuteW                                                                       7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtAllocateVirtualMemory                                                        7C90CF50 5 Bytes  JMP 00DF1950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtClose                                                                        7C90CFD0 5 Bytes  JMP 00DF82B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtCreateFile                                                                   7C90D090 5 Bytes  JMP 00DF18D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtCreateProcess                                                                7C90D130 5 Bytes  JMP 00DF1890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtCreateProcessEx                                                              7C90D140 5 Bytes  JMP 00DF19B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtDeleteFile                                                                   7C90D220 5 Bytes  JMP 00DF1910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtFreeVirtualMemory                                                            7C90D370 5 Bytes  JMP 00DF1A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtLoadDriver                                                                   7C90D450 5 Bytes  JMP 00DF1970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtOpenFile                                                                     7C90D580 5 Bytes  JMP 00DF18F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtProtectVirtualMemory                                                         7C90D6D0 5 Bytes  JMP 00DF1930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtSetInformationProcess                                                        7C90DC80 5 Bytes  JMP 00DF19D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtUnloadDriver                                                                 7C90DEA0 5 Bytes  JMP 00DF1990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!NtWriteVirtualMemory                                                           7C90DF90 5 Bytes  JMP 00DF18B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!KiUserExceptionDispatcher                                                      7C90E45C 7 Bytes  JMP 00DF22D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!RtlAllocateHeap                                                                7C9100A4 5 Bytes  JMP 00DF1A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!LdrLoadDll                                                                     7C9163A3 5 Bytes  JMP 00DF4550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!LdrUnloadDll                                                                   7C91736B 5 Bytes  JMP 00DF81E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ntdll.dll!LdrGetProcedureAddress                                                         7C917E88 5 Bytes  JMP 00DF19F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CreateFileA                                                                 7C801A28 5 Bytes  JMP 00DF1B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!VirtualProtect                                                              7C801AD4 5 Bytes  JMP 00DF1D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!LoadLibraryExW                                                              7C801AF5 7 Bytes  JMP 00DF1AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!LoadLibraryExA                                                              7C801D53 5 Bytes  JMP 00DF1AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!LoadLibraryA                                                                7C801D7B 5 Bytes  JMP 00DF1D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CreateProcessW                                                              7C802336 5 Bytes  JMP 00DF1A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CreateProcessA                                                              7C80236B 5 Bytes  JMP 00DF1A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!GetProcAddress                                                              7C80AE30 5 Bytes  JMP 00DF1A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!LoadLibraryW                                                                7C80AEDB 5 Bytes  JMP 00DF1D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!GetModuleHandleA                                                            7C80B731 5 Bytes  JMP 00DF1CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!GetModuleHandleW                                                            7C80E4CD 5 Bytes  JMP 00DF1D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CreateFileW                                                                 7C8107F0 5 Bytes  JMP 00DF1B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!MoveFileWithProgressW                                                       7C81F716 5 Bytes  JMP 00DF1C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!MoveFileW                                                                   7C821249 5 Bytes  JMP 00DF1C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!OpenFile                                                                    7C82196A 2 Bytes  JMP 00DF1B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!OpenFile + 3                                                                7C82196D 2 Bytes  [5D, 84]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CopyFileExW                                                                 7C827B1A 7 Bytes  JMP 00DF1BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CopyFileA                                                                   7C8286D6 5 Bytes  JMP 00DF1B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CopyFileW                                                                   7C82F863 5 Bytes  JMP 00DF1B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!DeleteFileA                                                                 7C831EC5 5 Bytes  JMP 00DF1CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!DeleteFileW                                                                 7C831F4B 5 Bytes  JMP 00DF1CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!MoveFileExW                                                                 7C835673 5 Bytes  JMP 00DF1C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!MoveFileA                                                                   7C835EA7 5 Bytes  JMP 00DF1BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!MoveFileWithProgressA                                                       7C835EC6 5 Bytes  JMP 00DF1C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!MoveFileExA                                                                 7C85E3CB 5 Bytes  JMP 00DF1C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!CopyFileExA                                                                 7C85F2CC 5 Bytes  JMP 00DF1BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!WinExec                                                                     7C8623AD 5 Bytes  JMP 00DF1D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] kernel32.dll!LoadModule                                                                  7C8624BE 5 Bytes  JMP 00DF1AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ADVAPI32.dll!OpenServiceW                                                                77DD6FDD 7 Bytes  JMP 00DF1480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ADVAPI32.dll!OpenServiceA                                                                77DE4C36 7 Bytes  JMP 00DF1640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ADVAPI32.dll!CreateServiceA                                                              77E271E9 7 Bytes  JMP 00DF1000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ADVAPI32.dll!CreateServiceW                                                              77E27381 7 Bytes  JMP 00DF1250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] WS2_32.dll!WSASocketW                                                                    71A5404E 7 Bytes  JMP 00DF1E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] WS2_32.dll!WSASocketA                                                                    71A58B6A 5 Bytes  JMP 00DF1E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] USER32.dll!EndTask                                                                       7E3AA0A5 5 Bytes  JMP 00DF7E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] SHELL32.dll!ShellExecuteExW                                                              7CA02F03 5 Bytes  JMP 00DF1E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] SHELL32.dll!ShellExecuteEx                                                               7CA40E25 5 Bytes  JMP 00DF1DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] SHELL32.dll!ShellExecuteA                                                                7CA41150 5 Bytes  JMP 00DF1DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] SHELL32.dll!ShellExecuteW                                                                7CAB5BF0 5 Bytes  JMP 00DF1DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ole32.dll!CoCreateInstanceEx                                                             774F0526 5 Bytes  JMP 00DF7BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[2856] ole32.dll!CoGetClassObject                                                               775056C5 5 Bytes  JMP 00DF7D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtAllocateVirtualMemory                                                                7C90CF50 5 Bytes  JMP 03191950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtClose                                                                                7C90CFD0 5 Bytes  JMP 031982B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtCreateFile                                                                           7C90D090 5 Bytes  JMP 031918D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtCreateProcess                                                                        7C90D130 5 Bytes  JMP 03191890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtCreateProcessEx                                                                      7C90D140 5 Bytes  JMP 031919B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtDeleteFile                                                                           7C90D220 5 Bytes  JMP 03191910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtFreeVirtualMemory                                                                    7C90D370 5 Bytes  JMP 03191A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtLoadDriver                                                                           7C90D450 5 Bytes  JMP 03191970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtOpenFile                                                                             7C90D580 5 Bytes  JMP 031918F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtProtectVirtualMemory                                                                 7C90D6D0 5 Bytes  JMP 03191930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtSetInformationProcess                                                                7C90DC80 5 Bytes  JMP 031919D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtUnloadDriver                                                                         7C90DEA0 5 Bytes  JMP 03191990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!NtWriteVirtualMemory                                                                   7C90DF90 5 Bytes  JMP 031918B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!RtlAllocateHeap                                                                        7C9100A4 5 Bytes  JMP 03191A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!LdrLoadDll                                                                             7C9163A3 5 Bytes  JMP 03194550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!LdrUnloadDll                                                                           7C91736B 5 Bytes  JMP 031981E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ntdll.dll!LdrGetProcedureAddress                                                                 7C917E88 5 Bytes  JMP 031919F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CreateFileA                                                                         7C801A28 5 Bytes  JMP 03191B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!VirtualProtect                                                                      7C801AD4 5 Bytes  JMP 03191D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!LoadLibraryExW                                                                      7C801AF5 7 Bytes  JMP 03191AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!LoadLibraryExA                                                                      7C801D53 5 Bytes  JMP 03191AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!LoadLibraryA                                                                        7C801D7B 5 Bytes  JMP 03191D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CreateProcessW                                                                      7C802336 5 Bytes  JMP 03191A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CreateProcessA                                                                      7C80236B 5 Bytes  JMP 03191A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!GetProcAddress                                                                      7C80AE30 5 Bytes  JMP 03191A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!LoadLibraryW                                                                        7C80AEDB 5 Bytes  JMP 03191D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!GetModuleHandleA                                                                    7C80B731 5 Bytes  JMP 03191CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!GetModuleHandleW                                                                    7C80E4CD 5 Bytes  JMP 03191D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CreateFileW                                                                         7C8107F0 5 Bytes  JMP 03191B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!MoveFileWithProgressW                                                               7C81F716 5 Bytes  JMP 03191C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!MoveFileW                                                                           7C821249 5 Bytes  JMP 03191C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!OpenFile                                                                            7C82196A 2 Bytes  JMP 03191B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!OpenFile + 3                                                                        7C82196D 2 Bytes  [97, 86]
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CopyFileExW                                                                         7C827B1A 7 Bytes  JMP 03191BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CopyFileA                                                                           7C8286D6 5 Bytes  JMP 03191B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CopyFileW                                                                           7C82F863 5 Bytes  JMP 03191B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!DeleteFileA                                                                         7C831EC5 5 Bytes  JMP 03191CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!DeleteFileW                                                                         7C831F4B 5 Bytes  JMP 03191CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!MoveFileExW                                                                         7C835673 5 Bytes  JMP 03191C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!MoveFileA                                                                           7C835EA7 5 Bytes  JMP 03191BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!MoveFileWithProgressA                                                               7C835EC6 5 Bytes  JMP 03191C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!MoveFileExA                                                                         7C85E3CB 5 Bytes  JMP 03191C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!CopyFileExA                                                                         7C85F2CC 5 Bytes  JMP 03191BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!WinExec                                                                             7C8623AD 5 Bytes  JMP 03191D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] kernel32.dll!LoadModule                                                                          7C8624BE 5 Bytes  JMP 03191AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] USER32.dll!EndTask                                                                               7E3AA0A5 5 Bytes  JMP 03197E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ole32.dll!CoCreateInstanceEx                                                                     774F0526 5 Bytes  JMP 03197BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ole32.dll!CoGetClassObject                                                                       775056C5 5 Bytes  JMP 03197D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ADVAPI32.dll!OpenServiceW                                                                        77DD6FDD 7 Bytes  JMP 03191480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ADVAPI32.dll!OpenServiceA                                                                        77DE4C36 7 Bytes  JMP 03191640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ADVAPI32.dll!CreateServiceA                                                                      77E271E9 7 Bytes  JMP 03191000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] ADVAPI32.dll!CreateServiceW                                                                      77E27381 7 Bytes  JMP 03191250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] SHELL32.dll!ShellExecuteExW                                                                      7CA02F03 5 Bytes  JMP 03191E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] SHELL32.dll!ShellExecuteEx                                                                       7CA40E25 5 Bytes  JMP 03191DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] SHELL32.dll!ShellExecuteA                                                                        7CA41150 5 Bytes  JMP 03191DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] SHELL32.dll!ShellExecuteW                                                                        7CAB5BF0 5 Bytes  JMP 03191DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] WS2_32.dll!WSASocketW                                                                            71A5404E 7 Bytes  JMP 03191E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] WS2_32.dll!WSASocketA                                                                            71A58B6A 5 Bytes  JMP 03191E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] WININET.dll!InternetConnectA                                                                     771B3452 5 Bytes  JMP 03191E30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Gadu-Gadu 10\gg.exe[3368] WININET.dll!InternetConnectW                                                                     771BEE00 5 Bytes  JMP 03191E50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtAllocateVirtualMemory                                                                     7C90CF50 5 Bytes  JMP 10001950 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtClose                                                                                     7C90CFD0 5 Bytes  JMP 100082B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtCreateFile                                                                                7C90D090 5 Bytes  JMP 100018D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtCreateProcess                                                                             7C90D130 5 Bytes  JMP 10001890 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtCreateProcessEx                                                                           7C90D140 5 Bytes  JMP 100019B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtDeleteFile                                                                                7C90D220 5 Bytes  JMP 10001910 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtFreeVirtualMemory                                                                         7C90D370 5 Bytes  JMP 10001A30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtLoadDriver                                                                                7C90D450 5 Bytes  JMP 10001970 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtOpenFile                                                                                  7C90D580 5 Bytes  JMP 100018F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtProtectVirtualMemory                                                                      7C90D6D0 5 Bytes  JMP 10001930 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtSetInformationProcess                                                                     7C90DC80 5 Bytes  JMP 100019D0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtUnloadDriver                                                                              7C90DEA0 5 Bytes  JMP 10001990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!NtWriteVirtualMemory                                                                        7C90DF90 5 Bytes  JMP 100018B0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!RtlAllocateHeap                                                                             7C9100A4 5 Bytes  JMP 10001A10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!LdrLoadDll                                                                                  7C9163A3 5 Bytes  JMP 10004550 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!LdrUnloadDll                                                                                7C91736B 5 Bytes  JMP 100081E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ntdll.dll!LdrGetProcedureAddress                                                                      7C917E88 5 Bytes  JMP 100019F0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CreateFileA                                                                              7C801A28 5 Bytes  JMP 10001B30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!VirtualProtect                                                                           7C801AD4 5 Bytes  JMP 10001D90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!LoadLibraryExW                                                                           7C801AF5 7 Bytes  JMP 10001AF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!LoadLibraryExA                                                                           7C801D53 5 Bytes  JMP 10001AD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!LoadLibraryA                                                                             7C801D7B 5 Bytes  JMP 10001D30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CreateProcessW                                                                           7C802336 5 Bytes  JMP 10001A70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CreateProcessA                                                                           7C80236B 5 Bytes  JMP 10001A50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!GetProcAddress                                                                           7C80AE30 5 Bytes  JMP 10001A90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!LoadLibraryW                                                                             7C80AEDB 5 Bytes  JMP 10001D50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!GetModuleHandleA                                                                         7C80B731 5 Bytes  JMP 10001CF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!GetModuleHandleW                                                                         7C80E4CD 5 Bytes  JMP 10001D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CreateFileW                                                                              7C8107F0 5 Bytes  JMP 10001B50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!MoveFileWithProgressW                                                                    7C81F716 5 Bytes  JMP 10001C90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!MoveFileW                                                                                7C821249 5 Bytes  JMP 10001C10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!OpenFile                                                                                 7C82196A 2 Bytes  JMP 10001B10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!OpenFile + 3                                                                             7C82196D 2 Bytes  [7E, 93] {JLE 0xffffffffffffff95}
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CopyFileExW                                                                              7C827B1A 7 Bytes  JMP 10001BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CopyFileA                                                                                7C8286D6 5 Bytes  JMP 10001B70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CopyFileW                                                                                7C82F863 5 Bytes  JMP 10001B90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!DeleteFileA                                                                              7C831EC5 5 Bytes  JMP 10001CB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!DeleteFileW                                                                              7C831F4B 5 Bytes  JMP 10001CD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!MoveFileExW                                                                              7C835673 5 Bytes  JMP 10001C50 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!MoveFileA                                                                                7C835EA7 5 Bytes  JMP 10001BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!MoveFileWithProgressA                                                                    7C835EC6 5 Bytes  JMP 10001C70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!MoveFileExA                                                                              7C85E3CB 5 Bytes  JMP 10001C30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!CopyFileExA                                                                              7C85F2CC 5 Bytes  JMP 10001BB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!WinExec                                                                                  7C8623AD 5 Bytes  JMP 10001D70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] kernel32.dll!LoadModule                                                                               7C8624BE 5 Bytes  JMP 10001AB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] USER32.dll!EndTask                                                                                    7E3AA0A5 5 Bytes  JMP 10007E80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ADVAPI32.dll!OpenServiceW                                                                             77DD6FDD 7 Bytes  JMP 10001480 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ADVAPI32.dll!OpenServiceA                                                                             77DE4C36 7 Bytes  JMP 10001640 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ADVAPI32.dll!CreateServiceA                                                                           77E271E9 7 Bytes  JMP 10001000 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ADVAPI32.dll!CreateServiceW                                                                           77E27381 7 Bytes  JMP 10001250 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ole32.dll!CoCreateInstanceEx                                                                          774F0526 5 Bytes  JMP 10007BD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] ole32.dll!CoGetClassObject                                                                            775056C5 5 Bytes  JMP 10007D10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] WS2_32.dll!WSASocketW                                                                                 71A5404E 7 Bytes  JMP 10001E90 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] WS2_32.dll!WSASocketA                                                                                 71A58B6A 5 Bytes  JMP 10001E70 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] SHELL32.dll!ShellExecuteExW                                                                           7CA02F03 5 Bytes  JMP 10001E10 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] SHELL32.dll!ShellExecuteEx                                                                            7CA40E25 5 Bytes  JMP 10001DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] SHELL32.dll!ShellExecuteA                                                                             7CA41150 5 Bytes  JMP 10001DB0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\WINDOWS\system32\wuauclt.exe[3800] SHELL32.dll!ShellExecuteW                                                                             7CAB5BF0 5 Bytes  JMP 10001DD0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter]                                                                         [B7E216E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter]                                                                          [B7E217B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                   [B7E21780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol]                                                                     [B7E21740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]                                                                    [B7E21740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                                                                         [B7E217B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]                                                                        [B7E216E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                  [B7E21780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                    [B7E21780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol]                                                                      [B7E21740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter]                                                                           [B7E217B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter]                                                                          [B7E216E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]                                                                     [B7E21740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]                                                                   [B7E21780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                                                                         [B7E216E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                                                                          [B7E217B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter]                                                                           [B7E216E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter]                                                                            [B7E217B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol]                                                                       [B7E21740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                    [B7E21780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol]                                                                      [B7E21740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter]                                                                           [B7E217B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter]                                                                          [B7E216E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol]                                                                     [B7E21740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                   [B7E21780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter]                                                                         [B7E216E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter]                                                                          [B7E217B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]             [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]               [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA]           [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW]               [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]               [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]             [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                 [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW]                 [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]               [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                 [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]                [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW]                [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]              [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]               [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                 [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA]             [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                 [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress]             [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA]               [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]               [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]                 [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread]                 [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA]            [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA]                [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread]                [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress]              [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!DeleteObject]                   [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA]            [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]              [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]              [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]              [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx]            [00617FB0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA]                [006176D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSystemMetrics]              [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor]                   [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW]                [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!RegisterClassW]                [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush]              [00617330] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!FillRect]                      [006180C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawFrameControl]              [00618130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawEdge]                      [00618110] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW]         [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetScrollInfo]                 [00617520] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW]               [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetScrollInfo]                 [00617410] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!DeleteObject]                   [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA]            [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA]              [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]              [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]              [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA]                [006176D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW]                [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor]                   [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassA]                [00617C00] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassW]                [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SystemParametersInfoW]         [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW]               [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA]               [00617630] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSystemMetrics]              [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [GDI32.dll!DeleteObject]                     [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                  [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                  [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread]                  [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA]                [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SystemParametersInfoW]           [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSystemMetrics]                [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSysColor]                     [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW]                 [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!RegisterClassW]                  [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW]                  [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]               [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA]               [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]             [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread]               [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]              [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA]                [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA]              [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW]              [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread]                [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA]            [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\CRYPT32.dll [USER32.dll!GetSystemMetrics]              [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA]                  [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT             C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2040] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress]                [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                                      eamon.sys (Amon monitor/ESET)
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                                    cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                                   cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                                   cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                                                 cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                         0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                         0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                      0x7C 0x1A 0x96 0x88 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC.REN                                                        
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                        
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                             0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                             0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                          0x7C 0x1A 0x96 0x88 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC.REN (not active ControlSet)                                    
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                        
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                             0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                             0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                          0x7C 0x1A 0x96 0x88 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC.REN (not active ControlSet)                                    
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids@lŮ\x81\1\x2d9\x2d9\x2d9\16xÍS\23zÍS\23,>\xb6\0\3      
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids@lŮ\x81\1\x2d9\x2d9\x2d9\16xÍS\23`Ă&\1,>\xb6\0\3       
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids@lŮ\x81\1\x2d9\x2d9\x2d9\16xÍS\23zÍS\23,>\xb6\0\3     
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\OpenWithProgids@lŮ\x81\1\x2d9\x2d9\x2d9\16xÍS\23zÍS\23,>\xb6\0\3      
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids@lŮ\x81\1\x2d9\x2d9\x2d9\16xÍS\23\x20acgP\2,>\xb6\0\3  

---- Files - GMER 1.0.15 ----

File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\exe6198.tmp                                                                     21504 bytes executable
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\exe6198.tmp.info                                                                254 bytes
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\is-G2R93.tmp                                                                    291840 bytes
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\is-G2R93.tmp.info                                                               242 bytes
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\is-T0KJ5.tmp                                                                    291840 bytes
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\is-T0KJ5.tmp.info                                                               242 bytes
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\is-UT04L.tmp                                                                    291840 bytes
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\is-UT04L.tmp.info                                                               242 bytes
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\playlist[1].exe                                                                 21504 bytes executable
File            C:\Program Files\COMODO\COMODO Internet Security\Quarantine\playlist[1].exe.info                                                            154 bytes
File            C:\WINDOWS\temp\HTTA0C.tmp                                                                                                                  2097152 bytes

---- EOF - GMER 1.0.15 ----

W temacie: Logi - Rootkit wykryty przez Combofix'a

16 05 2010 - 23:19

log cały http://wklejto.pl/67370
log usługi http://wklejto.pl/67371

W temacie: Logi - Rootkit wykryty przez Combofix'a

16 05 2010 - 22:02

ok robi się. który log przysłać ? bo ten pierwszy chyba będzie długi. czy wkleić 2 na forum ?

  1. Forum Komputerowe Tweaks.pl
  2. Przeglądanie profilu: Posty: kuba206
  3. Polityka prywatności
  4. Szukaj
  5. Regulamin Forum ·