Torna indietro   Hardware Upgrade Forum > Networking e sicurezza > Antivirus e Sicurezza > Tutorial / How-To / F.A.Q.
Ricarica la Pagina gmer e analisi dei suoi logs [tread ufficiale]

ASUS ProArt PA32UCXR: 4K, Quantum Dot e Mini-LED i per professionisti dell'immagine
ASUS ProArt PA32UCXR: 4K, Quantum Dot e Mini-LED i per professionisti dell'immagine
Un monitor veramente completo, per funzionalità e prestazioni. La presenza di un colorimetro integrato consente di agevolare le operazioni di calibrazione, anche per il mantenimento periodico delle prestazioni
HUAWEI WATCH FIT 3: lo smartwatch che ridefinisce design e fitness! Recensione
HUAWEI WATCH FIT 3: lo smartwatch che ridefinisce design e fitness! Recensione
Huawei è capace di sorprendere ancora e quest’anno lo fa con questo nuovo smartwatch WATCH FIT 3 che coniuga un design elegante e moderno con funzionalità di prim’ordine. Un mix tra smartwatch e fitness tracker con il coach animato incorporato.  
HONOR 200 Lite, lo smartphone economico per ritratti, selfie, e non solo. La recensione
HONOR 200 Lite, lo smartphone economico per ritratti, selfie, e non solo. La recensione
HONOR 200 Lite si presenta come uno smartphone completo e versatile a un prezzo molto competitivo. Caratteristiche interessanti sono il generoso display AMOLED da 2000 nits e la fotocamera principale da 108MP con tre lunghezze focali simulate per i ritratti. A coronare il pacchetto un'esperienza software completa grazie a MagicOS 8.0 e, in questo momento, una promozione lancio che permette di risparmiare 40€ sul listino ufficiale
La missione cinese Chang'e-6 è entrata in orbita lunare, ci vorrà qualche settimana per l'allunaggio
Boeing CST-100 Starliner: il lancio della navicella è stato posticipato al 18 maggio
Un'altra GPU cinese raggiunge la produzione di massa: GP201 è la nuova GeForce GT 1030
iPad Air non è più il tablet più leggero di Apple: il Pro, per assurdo, pesa meno
Minisforum AtomMan X7 Ti: il Mini PC da gaming come non l'avete mai visto
iPad Pro: i nuovi modelli hanno tantissime novità, ma ci sono anche dei passi indietro
Ecco come Cubbit DS3 ha permesso a CloudReso di migliorare la sicurezza dei dati abbattendo del 30% i costi di storage
Ring presenta Pan-Tilt Indoor Camera, la videocamera per interni con visione a 360°
Apple elimina iPad 9 dalla gamma, ma adesso iPad 10 costa molto meno
Tante novità per ho.mobile: raddoppia la banda per le offerte 4G e arrivano 5G ed eSIM
ASUS svelerà il suo primo notebook con CPU Qualcomm Snapdragon X il 20 maggio: dove vedere l'evento
Tutti gli articoli Tutte le news

Vai al Forum
Pagina 16 di 19 « Prima < 6 12 13 14 15 16 17 18 19 >
Rispondi
 
Strumenti
Old 19-03-2010, 14:43   #301
Jestat
Member
 
L'Avatar di Jestat
 
Iscritto dal: Apr 2009
Messaggi: 276
ciao,una controllata a questo notebook che ho disinfettato.....ho postato anche il log di hjt nell'apposito 3d....grazie mille

http://wikisend.com/download/456366/gmer.log
__________________


http://bassafedeltafanz.blogspot.com/ il blog della fanzine musicale
Jestat è offline   Rispondi citando il messaggio o parte di esso
Old 21-03-2010, 14:56   #302
mcgyver83
Senior Member
 
L'Avatar di mcgyver83
 
Iscritto dal: May 2003
Messaggi: 1505
Quote:
Quote:
Originariamente inviato da mcgyver83 Guarda i messaggi
Appena apro gmer su win7 ultimate mi da "c:\Windows\System32\config\SYSTEM"...
come posso risolvere?
Ribadisco

Quote:
Originariamente inviato da Chill-Out Guarda i messaggi
Senza vedere il log è difficile dare una risposta.
Che log devo allegare?
L'errore è all'avvio di gmer.
__________________
Intel e5450 |-| Dark Knight Xigmatek S1283 |-| Asus P5k SE/EPU |-| OCZ DDR2 PC2-6400 Platinum Revision 2 Dual Channel 4X1024MB 893Mhz |-| Seagate Barracuda 7200.11 500 Gb Sata 300 Buffer 32 Mb 7200 Rpm |-| Sapphire HD 6950 2GB DDR5
mcgyver83 è offline   Rispondi citando il messaggio o parte di esso
Old 23-03-2010, 08:25   #303
Jestat
Member
 
L'Avatar di Jestat
 
Iscritto dal: Apr 2009
Messaggi: 276
Quote:
Originariamente inviato da Jestat Guarda i messaggi
ciao,una controllata a questo notebook che ho disinfettato.....ho postato anche il log di hjt nell'apposito 3d....grazie mille

http://wikisend.com/download/456366/gmer.log

nessuno riesce a dargli un occhiata? grazie
__________________


http://bassafedeltafanz.blogspot.com/ il blog della fanzine musicale
Jestat è offline   Rispondi citando il messaggio o parte di esso
Old 23-03-2010, 09:21   #304
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Quote:
Originariamente inviato da Jestat Guarda i messaggi
nessuno riesce a dargli un occhiata? grazie
Clean
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 23-03-2010, 10:04   #305
Jestat
Member
 
L'Avatar di Jestat
 
Iscritto dal: Apr 2009
Messaggi: 276
Quote:
Originariamente inviato da Chill-Out Guarda i messaggi
Clean
grazie mille chill
__________________


http://bassafedeltafanz.blogspot.com/ il blog della fanzine musicale
Jestat è offline   Rispondi citando il messaggio o parte di esso
Old 23-03-2010, 16:04   #306
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Quote:
Originariamente inviato da Jestat Guarda i messaggi
grazie mille chill
Prego
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 08-04-2010, 12:50   #307
ivant87
Junior Member
 
Iscritto dal: Apr 2010
Messaggi: 30
Ciao, qualcuno potrebbe dare uno sguardo al mio LOG di gmer?

Anche Avira (nella scansione antirootkit approfondita) mi rileva delle voci nascoste ma poi non trova nulla di malevolo;

Invece Gmer mi allerta dicendo che trova modifiche attribuibili a modifiche da rootkits ed evidenzia in rosso dei processi (variabili in muero da 4 in su)

Le voci che mi preoccupano sono queste:
---- Processes - GMER 1.0.15 ----

Process hidden process (*** hidden *** ) 4908
Process hidden process (*** hidden *** ) 4948
Process hidden process (*** hidden *** ) 17628
Process hidden process (*** hidden *** ) 19600
Process wmpnscfg.exe (*** hidden *** ) 26248
Process hidden process (*** hidden *** ) 36456
Process hidden process (*** hidden *** ) 36484
Process hidden process (*** hidden *** ) 36512

Se qualcuno potesse dargli un'occhiata gliene sarei grato


Codice:
GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2010-04-08 06:47:19
Windows 6.0.6002 Service Pack 2
Running: 3zc9qcqt.exe; Driver: C:\Users\IVAN\AppData\Local\Temp\fxtdapod.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwAdjustPrivilegesToken [0x8FB03F8E]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwAlpcConnectPort [0x8FB04F5C]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwAlpcCreatePort [0x8FB04174]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                                                                          ZwAssignProcessToJobObject [0x8FFF1464]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwConnectPort [0x8FB033FA]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwCreateFile [0x8FEB1952]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreatePort [0x8FB032DC]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreateSection [0x8FB03A82]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreateSymbolicLinkObject [0x8FB04C16]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwCreateThread [0x8FEB1158]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwDeleteKey [0x8FEB1740]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwDeleteValueKey [0x8FEB1612]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwDuplicateObject [0x8FB02CD4]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwLoadDriver [0x8FEB0F8E]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwMakeTemporaryObject [0x8FB0367E]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwMapViewOfSection [0x8FEB0D30]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenFile [0x8FEB1C38]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenKey [0x8FEB190C]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenProcess [0x8FEB127A]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenSection [0x8FEB13E0]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenThread [0x8FEB132A]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                                                                          ZwProtectVirtualMemory [0x8FFF152A]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwQueueApcThread [0x8FEB1208]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwRequestWaitReplyPort [0x8FB053C6]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSecureConnectPort [0x8FEB1D66]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSetContextThread [0x8FEB0CC2]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSetSystemInformation [0x8FEB10EA]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSetValueKey [0x8FEB180C]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwShutdownSystem [0x8FB03618]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwSystemDebugControl [0x8FB03802]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwTerminateProcess [0x8FEB14F8]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                                                                          ZwTerminateThread [0x8FFF15AE]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwWriteVirtualMemory [0x8FEB0BF4]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreateThreadEx [0x8FB04280]

Code            89A21B0C                                                                                                                                                                                        ZwTraceEvent
Code            89A21B0B                                                                                                                                                                                        NtTraceEvent

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!NtTraceEvent                                                                                                                                                                       82472376 5 Bytes  JMP 89A21B10 
.text           ntkrnlpa.exe!KeSetEvent + 119                                                                                                                                                                   824F387C 4 Bytes  [8E, 3F, B0, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 13D                                                                                                                                                                   824F38A0 8 Bytes  [5C, 4F, B0, 8F, 74, 41, B0, ...] {POP ESP; DEC EDI; MOV AL, 0x8f; JZ 0x47; MOV AL, 0x8f}
.text           ntkrnlpa.exe!KeSetEvent + 191                                                                                                                                                                   824F38F4 4 Bytes  [64, 14, FF, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 1C1                                                                                                                                                                   824F3924 4 Bytes  [FA, 33, B0, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 1D9                                                                                                                                                                   824F393C 4 Bytes  [52, 19, EB, 8F]
.text           ...                                                                                                                                                                                             
PAGE            ntkrnlpa.exe!NtRequestPort + 2                                                                                                                                                                  82652E5A 5 Bytes  JMP 89A21BB0 
PAGE            ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 2                                                                                                                                                      826843DB 5 Bytes  JMP 89A21CF0 
?               C:\Users\IVAN\AppData\Local\Temp\aswArKrn.sys                                                                                                                                                   Impossibile trovare il file specificato. !

---- User code sections - GMER 1.0.15 ----

.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteW                                                                                                                                  764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteExW                                                                                                                                7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteEx                                                                                                                                 766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteA                                                                                                                                  766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ole32.dll!CoGetClassObject                                                                                                                                 7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ole32.dll!CoCreateInstanceEx                                                                                                                               76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] WS2_32.dll!WSASocketW                                                                                                                                      77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] WS2_32.dll!WSASocketA                                                                                                                                      77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ole32.dll!CoGetClassObject                                                                                                                                 7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ole32.dll!CoCreateInstanceEx                                                                                                                               76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!LdrLoadDll                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!LdrUnloadDll                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!LdrGetProcedureAddress                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtAllocateVirtualMemory                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtClose                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateFile                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateProcess                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateProcessEx                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtDeleteFile                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtFreeVirtualMemory                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtLoadDriver                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtOpenFile                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtProtectVirtualMemory                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtSetInformationProcess                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtUnloadDriver                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtWriteVirtualMemory                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateUserProcess                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!RtlAllocateHeap                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateProcessW                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateProcessA                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!VirtualProtect                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!OpenFile                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileW                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileExW                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileW                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!DeleteFileW                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!DeleteFileA                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileWithProgressW                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileExW                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryExW                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryW                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryExA                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryA                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!GetProcAddress                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!GetModuleHandleA                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!GetModuleHandleW                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateFileW                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateFileA                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileExA                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileWithProgressA                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileA                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileA                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileExA                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!WinExec                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadModule                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!OpenServiceA                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!OpenServiceW                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!CreateServiceW                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!CreateServiceA                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] WS2_32.dll!WSASocketW                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] WS2_32.dll!WSASocketA                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] USER32.dll!EndTask                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteW                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteExW                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteEx                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteA                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] WS2_32.dll!WSASocketW                                                                                                                                      77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] WS2_32.dll!WSASocketA                                                                                                                                      77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!LdrLoadDll                                                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!LdrUnloadDll                                                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!LdrGetProcedureAddress                                                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtAllocateVirtualMemory                                                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtClose                                                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateFile                                                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateProcess                                                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateProcessEx                                                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtDeleteFile                                                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtFreeVirtualMemory                                                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtLoadDriver                                                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtOpenFile                                                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtProtectVirtualMemory                                                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtSetInformationProcess                                                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtUnloadDriver                                                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtWriteVirtualMemory                                                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateUserProcess                                                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!RtlAllocateHeap                                                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateProcessW                                                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateProcessA                                                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!VirtualProtect                                                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!OpenFile                                                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileW                                                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileExW                                                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileW                                                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!DeleteFileW                                                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!DeleteFileA                                                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileWithProgressW                                                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileExW                                                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryExW                                                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryW                                                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryExA                                                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryA                                                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!GetProcAddress                                                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!GetModuleHandleA                                                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!GetModuleHandleW                                                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateFileW                                                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateFileA                                                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileExA                                                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileWithProgressA                                                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileA                                                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileA                                                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileExA                                                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!WinExec                                                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadModule                                                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!OpenServiceA                                                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!OpenServiceW                                                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!CreateServiceW                                                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!CreateServiceA                                                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] USER32.dll!EndTask                                                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] WS2_32.dll!WSASocketW                                                                                                                                        77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] WS2_32.dll!WSASocketA                                                                                                                                        77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!LdrLoadDll                                                                                                                                           77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!LdrUnloadDll                                                                                                                                         77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!LdrGetProcedureAddress                                                                                                                               77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtAllocateVirtualMemory                                                                                                                              77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtClose                                                                                                                                              77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateFile                                                                                                                                         77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateProcess                                                                                                                                      77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateProcessEx                                                                                                                                    77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtDeleteFile                                                                                                                                         77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtFreeVirtualMemory                                                                                                                                  77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtLoadDriver                                                                                                                                         77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtOpenFile                                                                                                                                           77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtProtectVirtualMemory                                                                                                                               77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtSetInformationProcess                                                                                                                              77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtUnloadDriver                                                                                                                                       77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtWriteVirtualMemory                                                                                                                                 77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateUserProcess                                                                                                                                  77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!RtlAllocateHeap                                                                                                                                      77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateProcessW                                                                                                                                    76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateProcessA                                                                                                                                    76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!VirtualProtect                                                                                                                                    76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!OpenFile                                                                                                                                          7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileW                                                                                                                                         7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileExW                                                                                                                                       76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileW                                                                                                                                         76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!DeleteFileW                                                                                                                                       7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!DeleteFileA                                                                                                                                       7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileWithProgressW                                                                                                                             762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileExW                                                                                                                                       762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryExW                                                                                                                                    76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryW                                                                                                                                      76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryExA                                                                                                                                    762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryA                                                                                                                                      762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!GetProcAddress                                                                                                                                    7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!GetModuleHandleA                                                                                                                                  762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!GetModuleHandleW                                                                                                                                  7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateFileW                                                                                                                                       7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateFileA                                                                                                                                       7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileExA                                                                                                                                       76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileWithProgressA                                                                                                                             76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileA                                                                                                                                         76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileA                                                                                                                                         762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileExA                                                                                                                                       762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!WinExec                                                                                                                                           762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadModule                                                                                                                                        762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!OpenServiceA                                                                                                                                      77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!OpenServiceW                                                                                                                                      77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!CreateServiceW                                                                                                                                    77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!CreateServiceA                                                                                                                                    77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] USER32.dll!EndTask                                                                                                                                             7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteW                                                                                                                                  764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteExW                                                                                                                                7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteEx                                                                                                                                 766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteA                                                                                                                                  766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteW                                                                                                                                  764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteExW                                                                                                                                7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteEx                                                                                                                                 766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteA                                                                                                                                  766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe[1120] ntdll.dll!NtAllocateVirtualMemory                                                                                           77BA4134 5 Bytes  JMP 0040FD50 C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ole32.dll!CoGetClassObject                                                                                                             7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ole32.dll!CoCreateInstanceEx                                                                                                           76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteW                                                                                                              764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteExW                                                                                                            7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteEx                                                                                                             766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteA                                                                                                              766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] WS2_32.dll!WSASocketW                                                                                                                 77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] WS2_32.dll!WSASocketA                                                                                                                 77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteW                                                                                                             764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteExW                                                                                                           7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteEx                                                                                                            766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteA                                                                                                             766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WinInet.dll!InternetConnectA                                                                                                                              7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WinInet.dll!InternetConnectW                                                                                                                              7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] WS2_32.dll!WSASocketW                                                                                                                               77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] WS2_32.dll!WSASocketA                                                                                                                               77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!LdrLoadDll                                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!LdrUnloadDll                                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!LdrGetProcedureAddress                                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtAllocateVirtualMemory                                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtClose                                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateFile                                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateProcess                                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateProcessEx                                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtDeleteFile                                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtFreeVirtualMemory                                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtLoadDriver                                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtOpenFile                                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtProtectVirtualMemory                                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtSetInformationProcess                                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtUnloadDriver                                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtWriteVirtualMemory                                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateUserProcess                                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!RtlAllocateHeap                                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateProcessW                                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateProcessA                                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!VirtualProtect                                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!OpenFile                                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileW                                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileExW                                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileW                                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!DeleteFileW                                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!DeleteFileA                                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileWithProgressW                                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileExW                                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryExW                                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryW                                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryExA                                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryA                                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!GetProcAddress                                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!GetModuleHandleA                                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!GetModuleHandleW                                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateFileW                                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateFileA                                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileExA                                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileWithProgressA                                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileA                                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileA                                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileExA                                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!WinExec                                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadModule                                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!OpenServiceA                                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!OpenServiceW                                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!CreateServiceW                                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!CreateServiceA                                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] USER32.dll!EndTask                                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ole32.dll!CoGetClassObject                                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ole32.dll!CoCreateInstanceEx                                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!LdrLoadDll                                                                                                                                              77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!LdrUnloadDll                                                                                                                                            77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!LdrGetProcedureAddress                                                                                                                                  77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtAllocateVirtualMemory                                                                                                                                 77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtClose                                                                                                                                                 77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateFile                                                                                                                                            77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateProcess                                                                                                                                         77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateProcessEx                                                                                                                                       77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtDeleteFile                                                                                                                                            77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtFreeVirtualMemory                                                                                                                                     77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtLoadDriver                                                                                                                                            77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtOpenFile                                                                                                                                              77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtProtectVirtualMemory                                                                                                                                  77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtSetInformationProcess                                                                                                                                 77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtUnloadDriver                                                                                                                                          77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtWriteVirtualMemory                                                                                                                                    77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateUserProcess                                                                                                                                     77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!RtlAllocateHeap                                                                                                                                         77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateProcessW                                                                                                                                       76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateProcessA                                                                                                                                       76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!VirtualProtect                                                                                                                                       76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!OpenFile                                                                                                                                             7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileW                                                                                                                                            7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileExW                                                                                                                                          76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileW                                                                                                                                            76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!DeleteFileW                                                                                                                                          7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!DeleteFileA                                                                                                                                          7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileWithProgressW                                                                                                                                762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileExW                                                                                                                                          762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryExW                                                                                                                                       76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryW                                                                                                                                         76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryExA                                                                                                                                       762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryA                                                                                                                                         762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!GetProcAddress                                                                                                                                       7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!GetModuleHandleA                                                                                                                                     762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!GetModuleHandleW                                                                                                                                     7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateFileW                                                                                                                                          7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateFileA                                                                                                                                          7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileExA                                                                                                                                          76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileWithProgressA                                                                                                                                76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileA                                                                                                                                            76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileA                                                                                                                                            762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileExA                                                                                                                                          762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!WinExec                                                                                                                                              762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadModule                                                                                                                                           762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!OpenServiceA                                                                                                                                         77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!OpenServiceW                                                                                                                                         77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!CreateServiceW                                                                                                                                       77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!CreateServiceA                                                                                                                                       77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] USER32.dll!EndTask                                                                                                                                                7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteW                                                                                                                                         764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C9                                                                                                                      7651B364 4 Bytes  [F0, 1F, 48, 00]
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteExW                                                                                                                                       7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteEx                                                                                                                                        766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteA                                                                                                                                         766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ole32.dll!CoGetClassObject                                                                                                                                        7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ole32.dll!CoCreateInstanceEx                                                                                                                                      76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!LdrLoadDll                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!LdrUnloadDll                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!LdrGetProcedureAddress                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtAllocateVirtualMemory                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtClose                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateFile                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateProcess                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateProcessEx                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtDeleteFile                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtFreeVirtualMemory                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtLoadDriver                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtOpenFile                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtProtectVirtualMemory                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtSetInformationProcess                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtUnloadDriver                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtWriteVirtualMemory                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateUserProcess                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!RtlAllocateHeap                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateProcessW                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateProcessA                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!VirtualProtect                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!OpenFile                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileW                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileExW                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileW                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!DeleteFileW                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!DeleteFileA                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileWithProgressW                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileExW                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryExW                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryW                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryExA                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryA                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!GetProcAddress                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!GetModuleHandleA                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!GetModuleHandleW                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateFileW                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateFileA                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileExA                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileWithProgressA                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileA                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileA                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileExA                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!WinExec                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadModule                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!OpenServiceA                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!OpenServiceW                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!CreateServiceW                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!CreateServiceA                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] USER32.dll!EndTask                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteW                                                                                                    764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteExW                                                                                                  7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteEx                                                                                                   766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteA                                                                                                    766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ole32.dll!CoGetClassObject                                                                                                   7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ole32.dll!CoCreateInstanceEx                                                                                                 76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteW                                                                                                              764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteExW                                                                                                            7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteEx                                                                                                             766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteA                                                                                                              766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!LdrLoadDll                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!LdrUnloadDll                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!LdrGetProcedureAddress                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtAllocateVirtualMemory                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtClose                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateFile                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateProcess                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateProcessEx                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtDeleteFile                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtFreeVirtualMemory                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtLoadDriver                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtOpenFile                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtProtectVirtualMemory                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtSetInformationProcess                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtUnloadDriver                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtWriteVirtualMemory                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateUserProcess                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!RtlAllocateHeap                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateProcessW                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateProcessA                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!VirtualProtect                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!OpenFile                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileW                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileExW                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileW                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!DeleteFileW                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!DeleteFileA                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileWithProgressW                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileExW                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryExW                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryW                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryExA                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryA                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!GetProcAddress                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!GetModuleHandleA                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!GetModuleHandleW                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateFileW                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateFileA                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileExA                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileWithProgressA                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileA                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileA                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileExA                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!WinExec                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadModule                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!OpenServiceA                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!OpenServiceW                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!CreateServiceW                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!CreateServiceA                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] USER32.dll!EndTask                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteW                                                                                                    764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteExW                                                                                                  7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteEx                                                                                                   766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteA                                                                                                    766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ole32.dll!CoGetClassObject                                                                                                   7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ole32.dll!CoCreateInstanceEx                                                                                                 76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!GetProcAddress                                                                                                                              7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] WS2_32.dll!WSASocketW                                                                                                                                    77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] WS2_32.dll!WSASocketA                                                                                                                                    77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!LdrLoadDll                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!LdrUnloadDll                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!LdrGetProcedureAddress                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtAllocateVirtualMemory                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtClose                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateFile                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateProcess                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateProcessEx                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtDeleteFile                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtFreeVirtualMemory                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtLoadDriver                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtOpenFile                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtProtectVirtualMemory                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtSetInformationProcess                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtUnloadDriver                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtWriteVirtualMemory                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateUserProcess                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!RtlAllocateHeap                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateProcessW                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateProcessA                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!VirtualProtect                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!OpenFile                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileW                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileExW                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileW                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!DeleteFileW                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!DeleteFileA                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileWithProgressW                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileExW                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryExW                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryW                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryExA                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryA                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!GetProcAddress                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!GetModuleHandleA                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!GetModuleHandleW                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateFileW                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateFileA                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileExA                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileWithProgressA                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileA                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileA                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileExA                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!WinExec                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadModule                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WS2_32.dll!WSASocketW                                                                                                      77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WS2_32.dll!WSASocketA                                                                                                      77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!OpenServiceA                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!OpenServiceW                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!CreateServiceW                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!CreateServiceA                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WININET.dll!InternetConnectA                                                                                               7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WININET.dll!InternetConnectW                                                                                               7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] USER32.dll!EndTask                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ole32.dll!CoGetClassObject                                                                                                 7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ole32.dll!CoCreateInstanceEx                                                                                               76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!LdrLoadDll                                                                                                            77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!LdrUnloadDll                                                                                                          77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!LdrGetProcedureAddress                                                                                                77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtAllocateVirtualMemory                                                                                               77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtClose                                                                                                               77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateFile                                                                                                          77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateProcess                                                                                                       77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateProcessEx                                                                                                     77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtDeleteFile                                                                                                          77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtFreeVirtualMemory                                                                                                   77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtLoadDriver                                                                                                          77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtOpenFile                                                                                                            77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtProtectVirtualMemory                                                                                                77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtSetInformationProcess                                                                                               77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtUnloadDriver                                                                                                        77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtWriteVirtualMemory                                                                                                  77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateUserProcess                                                                                                   77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!RtlAllocateHeap                                                                                                       77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateProcessW                                                                                                     76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateProcessA                                                                                                     76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!VirtualProtect                                                                                                     76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!OpenFile                                                                                                           7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileW                                                                                                          7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileExW                                                                                                        76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileW                                                                                                          76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!DeleteFileW                                                                                                        7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!DeleteFileA                                                                                                        7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileWithProgressW                                                                                              762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileExW                                                                                                        762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryExW                                                                                                     76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryW                                                                                                       76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryExA                                                                                                     762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryA                                                                                                       762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!GetProcAddress                                                                                                     7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!GetModuleHandleA                                                                                                   762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!GetModuleHandleW                                                                                                   7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateFileW                                                                                                        7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateFileA                                                                                                        7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileExA                                                                                                        76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileWithProgressA                                                                                              76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileA                                                                                                          76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileA                                                                                                          762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileExA                                                                                                        762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!WinExec                                                                                                            762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadModule                                                                                                         762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!OpenServiceA                                                                                                       77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!OpenServiceW                                                                                                       77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!CreateServiceW                                                                                                     77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!CreateServiceA                                                                                                     77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] USER32.dll!EndTask                                                                                                              7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteW                                                                                                       764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteExW                                                                                                     7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteEx                                                                                                      766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteA                                                                                                       766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ole32.dll!CoGetClassObject                                                                                                      7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ole32.dll!CoCreateInstanceEx                                                                                                    76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!GetProcAddress                                                                                                                              7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] WS2_32.dll!WSASocketW                                                                                                                                    77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] WS2_32.dll!WSASocketA                                                                                                                                    77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!LdrLoadDll                                                                                                                        77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!LdrUnloadDll                                                                                                                      77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!LdrGetProcedureAddress                                                                                                            77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtAllocateVirtualMemory                                                                                                           77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtClose                                                                                                                           77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateFile                                                                                                                      77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateProcess                                                                                                                   77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateProcessEx                                                                                                                 77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtDeleteFile                                                                                                                      77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtFreeVirtualMemory                                                                                                               77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtLoadDriver                                                                                                                      77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtOpenFile                                                                                                                        77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtProtectVirtualMemory                                                                                                            77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtSetInformationProcess                                                                                                           77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtUnloadDriver                                                                                                                    77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtWriteVirtualMemory                                                                                                              77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateUserProcess                                                                                                               77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!RtlAllocateHeap                                                                                                                   77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateProcessW                                                                                                                 76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateProcessA                                                                                                                 76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!VirtualProtect                                                                                                                 76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!OpenFile                                                                                                                       7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileW                                                                                                                      7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileExW                                                                                                                    76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileW                                                                                                                      76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!DeleteFileW                                                                                                                    7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!DeleteFileA                                                                                                                    7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileWithProgressW                                                                                                          762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileExW                                                                                                                    762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryExW                                                                                                                 76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryW                                                                                                                   76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryExA                                                                                                                 762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryA                                                                                                                   762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!GetProcAddress                                                                                                                 7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!GetModuleHandleA                                                                                                               762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!GetModuleHandleW                                                                                                               7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateFileW                                                                                                                    7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateFileA                                                                                                                    7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileExA                                                                                                                    76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileWithProgressA                                                                                                          76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileA                                                                                                                      76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileA                                                                                                                      762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileExA                                                                                                                    762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!WinExec                                                                                                                        762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadModule                                                                                                                     762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!OpenServiceA                                                                                                                   77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!OpenServiceW                                                                                                                   77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!CreateServiceW                                                                                                                 77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!CreateServiceA                                                                                                                 77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] USER32.dll!EndTask                                                                                                                          7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteW                                                                                                                   764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteExW                                                                                                                 7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteEx                                                                                                                  766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteA                                                                                                                   766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ole32.dll!CoGetClassObject                                                                                                                  7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ole32.dll!CoCreateInstanceEx                                                                                                                76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!LdrLoadDll                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!LdrUnloadDll                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!LdrGetProcedureAddress                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtAllocateVirtualMemory                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtClose                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateFile                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateProcess                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateProcessEx                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtDeleteFile                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtFreeVirtualMemory                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtLoadDriver                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtOpenFile                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtProtectVirtualMemory                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtSetInformationProcess                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtUnloadDriver                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtWriteVirtualMemory                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateUserProcess                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!RtlAllocateHeap                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateProcessW                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateProcessA                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!VirtualProtect                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!OpenFile                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileW                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileExW                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileW                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!DeleteFileW                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!DeleteFileA                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileWithProgressW                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileExW                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryExW                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryW                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryExA                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryA                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!GetProcAddress                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!GetModuleHandleA                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!GetModuleHandleW                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateFileW                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateFileA                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileExA                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileWithProgressA                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileA                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileA                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileExA                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!WinExec                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadModule                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] USER32.dll!EndTask                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!OpenServiceA                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!OpenServiceW                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!CreateServiceW                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!CreateServiceA                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteW                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteExW                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteEx                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteA                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ole32.dll!CoGetClassObject                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ole32.dll!CoCreateInstanceEx                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!LdrLoadDll                                                                                                        77B69390 5 Bytes  JMP 01A34550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!LdrUnloadDll                                                                                                      77B7BA50 7 Bytes  JMP 01A381E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!LdrGetProcedureAddress                                                                                            77B85A88 5 Bytes  JMP 01A319F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtAllocateVirtualMemory                                                                                           77BA4134 5 Bytes  JMP 01A31950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtClose                                                                                                           77BA4314 5 Bytes  JMP 01A382B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateFile                                                                                                      77BA43D4 5 Bytes  JMP 01A318D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateProcess                                                                                                   77BA4494 5 Bytes  JMP 01A31890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateProcessEx                                                                                                 77BA44A4 5 Bytes  JMP 01A319B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtDeleteFile                                                                                                      77BA47B4 5 Bytes  JMP 01A31910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtFreeVirtualMemory                                                                                               77BA4944 5 Bytes  JMP 01A31A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtLoadDriver                                                                                                      77BA4A64 5 Bytes  JMP 01A31970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtOpenFile                                                                                                        77BA4BB4 5 Bytes  JMP 01A318F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtProtectVirtualMemory                                                                                            77BA4D34 5 Bytes  JMP 01A31930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtSetInformationProcess                                                                                           77BA5324 5 Bytes  JMP 01A319D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtUnloadDriver                                                                                                    77BA5574 5 Bytes  JMP 01A31990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtWriteVirtualMemory                                                                                              77BA5674 5 Bytes  JMP 01A318B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateUserProcess                                                                                               77BA5804 5 Bytes  JMP 01A37040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!RtlAllocateHeap                                                                                                   77BA6570 5 Bytes  JMP 01A31A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateProcessW                                                                                                 76221BF3 5 Bytes  JMP 01A31A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateProcessA                                                                                                 76221C28 5 Bytes  JMP 01A31A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!VirtualProtect                                                                                                 76221DC3 5 Bytes  JMP 01A31D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!OpenFile                                                                                                       7622355A 5 Bytes  JMP 01A31B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileW                                                                                                      7622A2F2 5 Bytes  JMP 01A31C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileExW                                                                                                    76230211 7 Bytes  JMP 01A31BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileW                                                                                                      76230299 5 Bytes  JMP 01A31B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!DeleteFileW                                                                                                    7623F4B6 5 Bytes  JMP 01A31CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!DeleteFileA                                                                                                    7623F5D2 5 Bytes  JMP 01A31CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileWithProgressW                                                                                          762410A4 5 Bytes  JMP 01A31C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileExW                                                                                                    762410C8 5 Bytes  JMP 01A31C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryExW                                                                                                 76249109 7 Bytes  JMP 01A31AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryW                                                                                                   76249362 5 Bytes  JMP 01A31D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryExA                                                                                                 762494B4 5 Bytes  JMP 01A31AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryA                                                                                                   762494DC 5 Bytes  JMP 01A31D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!GetProcAddress                                                                                                 7626903B 5 Bytes  JMP 01A31A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!GetModuleHandleA                                                                                               762692A5 5 Bytes  JMP 01A31CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!GetModuleHandleW                                                                                               7626A804 5 Bytes  JMP 01A31D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateFileW                                                                                                    7626AECB 5 Bytes  JMP 01A31B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateFileA                                                                                                    7626CE5F 5 Bytes  JMP 01A31B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileExA                                                                                                    76270F0A 5 Bytes  JMP 01A31C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileWithProgressA                                                                                          76270F2A 5 Bytes  JMP 01A31C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileA                                                                                                      76272433 5 Bytes  JMP 01A31B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileA                                                                                                      762AF641 5 Bytes  JMP 01A31BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileExA                                                                                                    762B19F9 5 Bytes  JMP 01A31BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!WinExec                                                                                                        762B5CF7 5 Bytes  JMP 01A31D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadModule                                                                                                     762B5E4F 5 Bytes  JMP 01A31AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!OpenServiceA                                                                                                   77CF2EBD 7 Bytes  JMP 01A31640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!OpenServiceW                                                                                                   77CF8354 7 Bytes  JMP 01A31480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!CreateServiceW                                                                                                 77D19EB4 7 Bytes  JMP 01A31250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!CreateServiceA                                                                                                 77D572A1 7 Bytes  JMP 01A31000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] USER32.dll!EndTask                                                                                                          7790AD32 5 Bytes  JMP 01A37E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteW                                                                                                   764F9725 5 Bytes  JMP 01A31DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteExW                                                                                                 7654C135 5 Bytes  JMP 01A31E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteEx                                                                                                  766F9FE2 5 Bytes  JMP 01A31DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteA                                                                                                   766FA07D 5 Bytes  JMP 01A31DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ole32.dll!CoGetClassObject                                                                                                  7633FABC 5 Bytes  JMP 01A37D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ole32.dll!CoCreateInstanceEx                                                                                                76359EE9 5 Bytes  JMP 01A37BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WININET.dll!InternetConnectA                                                                                                7744DEAE 5 Bytes  JMP 01A31E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WININET.dll!InternetConnectW                                                                                                7744F862 5 Bytes  JMP 01A31E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WS2_32.dll!WSASocketW                                                                                                       77C834EB 7 Bytes  JMP 01A31E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WS2_32.dll!WSASocketA                                                                                                       77C88FA9 5 Bytes  JMP 01A31E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!LdrLoadDll                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!LdrUnloadDll                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!LdrGetProcedureAddress                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtAllocateVirtualMemory                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtClose                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateFile                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateProcess                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateProcessEx                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtDeleteFile                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtFreeVirtualMemory                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtLoadDriver                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtOpenFile                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtProtectVirtualMemory                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtSetInformationProcess                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtUnloadDriver                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtWriteVirtualMemory                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateUserProcess                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!RtlAllocateHeap                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateProcessW                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateProcessA                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!VirtualProtect                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!OpenFile                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileW                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileExW                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileW                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!DeleteFileW                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!DeleteFileA                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileWithProgressW                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileExW                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryExW                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryW                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryExA                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryA                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!GetProcAddress                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!GetModuleHandleA                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!GetModuleHandleW                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateFileW                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateFileA                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileExA                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileWithProgressA                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileA                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileA                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileExA                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!WinExec                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadModule                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] USER32.dll!EndTask                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!OpenServiceA                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!OpenServiceW                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!CreateServiceW                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!CreateServiceA                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ole32.dll!CoGetClassObject                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ole32.dll!CoCreateInstanceEx                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteW                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteExW                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteEx                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteA                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!LdrLoadDll                                                                                                     77B69390 5 Bytes  JMP 00334550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!LdrUnloadDll                                                                                                   77B7BA50 7 Bytes  JMP 003381E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!LdrGetProcedureAddress                                                                                         77B85A88 5 Bytes  JMP 003319F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtAllocateVirtualMemory                                                                                        77BA4134 5 Bytes  JMP 00331950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtClose                                                                                                        77BA4314 5 Bytes  JMP 003382B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateFile                                                                                                   77BA43D4 5 Bytes  JMP 003318D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateProcess                                                                                                77BA4494 5 Bytes  JMP 00331890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateProcessEx                                                                                              77BA44A4 5 Bytes  JMP 003319B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtDeleteFile                                                                                                   77BA47B4 5 Bytes  JMP 00331910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtFreeVirtualMemory                                                                                            77BA4944 5 Bytes  JMP 00331A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtLoadDriver                                                                                                   77BA4A64 5 Bytes  JMP 00331970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtOpenFile                                                                                                     77BA4BB4 5 Bytes  JMP 003318F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtProtectVirtualMemory                                                                                         77BA4D34 5 Bytes  JMP 00331930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtSetInformationProcess                                                                                        77BA5324 5 Bytes  JMP 003319D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtUnloadDriver                                                                                                 77BA5574 5 Bytes  JMP 00331990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtWriteVirtualMemory                                                                                           77BA5674 5 Bytes  JMP 003318B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateUserProcess                                                                                            77BA5804 5 Bytes  JMP 00337040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!RtlAllocateHeap                                                                                                77BA6570 5 Bytes  JMP 00331A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateProcessW                                                                                              76221BF3 5 Bytes  JMP 00331A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateProcessA                                                                                              76221C28 5 Bytes  JMP 00331A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!VirtualProtect                                                                                              76221DC3 5 Bytes  JMP 00331D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!OpenFile                                                                                                    7622355A 5 Bytes  JMP 00331B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileW                                                                                                   7622A2F2 5 Bytes  JMP 00331C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileExW                                                                                                 76230211 7 Bytes  JMP 00331BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileW                                                                                                   76230299 5 Bytes  JMP 00331B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!DeleteFileW                                                                                                 7623F4B6 5 Bytes  JMP 00331CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!DeleteFileA                                                                                                 7623F5D2 5 Bytes  JMP 00331CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileWithProgressW                                                                                       762410A4 5 Bytes  JMP 00331C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileExW                                                                                                 762410C8 5 Bytes  JMP 00331C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryExW                                                                                              76249109 7 Bytes  JMP 00331AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryW                                                                                                76249362 5 Bytes  JMP 00331D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryExA                                                                                              762494B4 5 Bytes  JMP 00331AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryA                                                                                                762494DC 5 Bytes  JMP 00331D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!GetProcAddress                                                                                              7626903B 5 Bytes  JMP 00331A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!GetModuleHandleA                                                                                            762692A5 5 Bytes  JMP 00331CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!GetModuleHandleW                                                                                            7626A804 5 Bytes  JMP 00331D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateFileW                                                                                                 7626AECB 5 Bytes  JMP 00331B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateFileA                                                                                                 7626CE5F 5 Bytes  JMP 00331B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileExA                                                                                                 76270F0A 5 Bytes  JMP 00331C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileWithProgressA                                                                                       76270F2A 5 Bytes  JMP 00331C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileA                                                                                                   76272433 5 Bytes  JMP 00331B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileA                                                                                                   762AF641 5 Bytes  JMP 00331BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileExA                                                                                                 762B19F9 5 Bytes  JMP 00331BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!WinExec                                                                                                     762B5CF7 5 Bytes  JMP 00331D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadModule                                                                                                  762B5E4F 5 Bytes  JMP 00331AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] USER32.dll!EndTask                                                                                                       7790AD32 5 Bytes  JMP 00337E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!OpenServiceA                                                                                                77CF2EBD 7 Bytes  JMP 00331640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!OpenServiceW                                                                                                77CF8354 7 Bytes  JMP 00331480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!CreateServiceW                                                                                              77D19EB4 7 Bytes  JMP 00331250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!CreateServiceA                                                                                              77D572A1 7 Bytes  JMP 00331000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteW                                                                                                764F9725 5 Bytes  JMP 00331DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteExW                                                                                              7654C135 5 Bytes  JMP 00331E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteEx                                                                                               766F9FE2 5 Bytes  JMP 00331DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteA                                                                                                766FA07D 5 Bytes  JMP 00331DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ole32.dll!CoGetClassObject                                                                                               7633FABC 5 Bytes  JMP 00337D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ole32.dll!CoCreateInstanceEx                                                                                             76359EE9 5 Bytes  JMP 00337BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] WS2_32.dll!WSASocketW                                                                                                                               77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] WS2_32.dll!WSASocketA                                                                                                                               77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!LdrLoadDll                                                                                                                                              77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!LdrUnloadDll                                                                                                                                            77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!LdrGetProcedureAddress                                                                                                                                  77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtAllocateVirtualMemory                                                                                                                                 77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtClose                                                                                                                                                 77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateFile                                                                                                                                            77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateProcess                                                                                                                                         77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateProcessEx                                                                                                                                       77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtDeleteFile                                                                                                                                            77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtFreeVirtualMemory                                                                                                                                     77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtLoadDriver                                                                                                                                            77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtOpenFile                                                                                                                                              77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtProtectVirtualMemory                                                                                                                                  77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtSetInformationProcess                                                                                                                                 77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtUnloadDriver                                                                                                                                          77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtWriteVirtualMemory                                                                                                                                    77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateUserProcess                                                                                                                                     77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!RtlAllocateHeap                                                                                                                                         77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateProcessW                                                                                                                                       76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateProcessA                                                                                                                                       76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!VirtualProtect                                                                                                                                       76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!OpenFile                                                                                                                                             7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileW                                                                                                                                            7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileExW                                                                                                                                          76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileW                                                                                                                                            76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!DeleteFileW                                                                                                                                          7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!DeleteFileA                                                                                                                                          7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileWithProgressW                                                                                                                                762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileExW                                                                                                                                          762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryExW                                                                                                                                       76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryW                                                                                                                                         76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryExA                                                                                                                                       762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryA                                                                                                                                         762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!GetProcAddress                                                                                                                                       7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!GetModuleHandleA                                                                                                                                     762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!GetModuleHandleW                                                                                                                                     7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateFileW                                                                                                                                          7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateFileA                                                                                                                                          7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileExA                                                                                                                                          76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileWithProgressA                                                                                                                                76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileA                                                                                                                                            76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileA                                                                                                                                            762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileExA                                                                                                                                          762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!WinExec                                                                                                                                              762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadModule                                                                                                                                           762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!OpenServiceA                                                                                                                                         77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!OpenServiceW                                                                                                                                         77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!CreateServiceW                                                                                                                                       77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!CreateServiceA                                                                                                                                       77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] USER32.dll!EndTask                                                                                                                                                7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ole32.dll!CoGetClassObject                                                                                                                                        7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ole32.dll!CoCreateInstanceEx                                                                                                                                      76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteW                                                                                                                                         764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteExW                                                                                                                                       7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteEx                                                                                                                                        766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteA                                                                                                                                         766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] WS2_32.dll!WSASocketW                                                                                                                 77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] WS2_32.dll!WSASocketA                                                                                                                 77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteW                                                                                                             764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteExW                                                                                                           7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteEx                                                                                                            766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteA                                                                                                             766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!LdrLoadDll                                                                                                                           77B69390 5 Bytes  JMP 00674550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!LdrUnloadDll                                                                                                                         77B7BA50 7 Bytes  JMP 006781E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!LdrGetProcedureAddress                                                                                                               77B85A88 5 Bytes  JMP 006719F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtAllocateVirtualMemory                                                                                                              77BA4134 5 Bytes  JMP 00671950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtClose                                                                                                                              77BA4314 5 Bytes  JMP 006782B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateFile                                                                                                                         77BA43D4 5 Bytes  JMP 006718D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateProcess                                                                                                                      77BA4494 5 Bytes  JMP 00671890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateProcessEx                                                                                                                    77BA44A4 5 Bytes  JMP 006719B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtDeleteFile                                                                                                                         77BA47B4 5 Bytes  JMP 00671910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtFreeVirtualMemory                                                                                                                  77BA4944 5 Bytes  JMP 00671A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtLoadDriver                                                                                                                         77BA4A64 5 Bytes  JMP 00671970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtOpenFile                                                                                                                           77BA4BB4 5 Bytes  JMP 006718F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtProtectVirtualMemory                                                                                                               77BA4D34 5 Bytes  JMP 00671930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtSetInformationProcess                                                                                                              77BA5324 5 Bytes  JMP 006719D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtUnloadDriver                                                                                                                       77BA5574 5 Bytes  JMP 00671990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtWriteVirtualMemory                                                                                                                 77BA5674 5 Bytes  JMP 006718B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateUserProcess                                                                                                                  77BA5804 5 Bytes  JMP 00677040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!RtlAllocateHeap                                                                                                                      77BA6570 5 Bytes  JMP 00671A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateProcessW                                                                                                                    76221BF3 5 Bytes  JMP 00671A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateProcessA                                                                                                                    76221C28 5 Bytes  JMP 00671A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!VirtualProtect                                                                                                                    76221DC3 5 Bytes  JMP 00671D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!OpenFile                                                                                                                          7622355A 5 Bytes  JMP 00671B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileW                                                                                                                         7622A2F2 5 Bytes  JMP 00671C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileExW                                                                                                                       76230211 7 Bytes  JMP 00671BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileW                                                                                                                         76230299 5 Bytes  JMP 00671B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!DeleteFileW                                                                                                                       7623F4B6 5 Bytes  JMP 00671CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!DeleteFileA                                                                                                                       7623F5D2 5 Bytes  JMP 00671CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileWithProgressW                                                                                                             762410A4 5 Bytes  JMP 00671C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileExW                                                                                                                       762410C8 5 Bytes  JMP 00671C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryExW                                                                                                                    76249109 7 Bytes  JMP 00671AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryW                                                                                                                      76249362 5 Bytes  JMP 00671D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryExA                                                                                                                    762494B4 5 Bytes  JMP 00671AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryA                                                                                                                      762494DC 5 Bytes  JMP 00671D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!GetProcAddress                                                                                                                    7626903B 5 Bytes  JMP 00671A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!GetModuleHandleA                                                                                                                  762692A5 5 Bytes  JMP 00671CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!GetModuleHandleW                                                                                                                  7626A804 5 Bytes  JMP 00671D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateFileW                                                                                                                       7626AECB 5 Bytes  JMP 00671B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateFileA                                                                                                                       7626CE5F 5 Bytes  JMP 00671B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileExA                                                                                                                       76270F0A 5 Bytes  JMP 00671C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileWithProgressA                                                                                                             76270F2A 5 Bytes  JMP 00671C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileA                                                                                                                         76272433 5 Bytes  JMP 00671B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileA                                                                                                                         762AF641 5 Bytes  JMP 00671BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileExA                                                                                                                       762B19F9 5 Bytes  JMP 00671BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!WinExec                                                                                                                           762B5CF7 5 Bytes  JMP 00671D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadModule                                                                                                                        762B5E4F 5 Bytes  JMP 00671AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!OpenServiceA                                                                                                                      77CF2EBD 7 Bytes  JMP 00671640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!OpenServiceW                                                                                                                      77CF8354 7 Bytes  JMP 00671480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!CreateServiceW                                                                                                                    77D19EB4 7 Bytes  JMP 00671250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!CreateServiceA                                                                                                                    77D572A1 7 Bytes  JMP 00671000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] USER32.dll!EndTask                                                                                                                             7790AD32 5 Bytes  JMP 00677E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteW                                                                                                                      764F9725 5 Bytes  JMP 00671DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteExW                                                                                                                    7654C135 5 Bytes  JMP 00671E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteEx                                                                                                                     766F9FE2 5 Bytes  JMP 00671DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteA                                                                                                                      766FA07D 5 Bytes  JMP 00671DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ole32.dll!CoGetClassObject                                                                                                                     7633FABC 5 Bytes  JMP 00677D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ole32.dll!CoCreateInstanceEx                                                                                                                   76359EE9 5 Bytes  JMP 00677BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] WS2_32.dll!WSASocketW                                                                                                                          77C834EB 7 Bytes  JMP 00671E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] WS2_32.dll!WSASocketA                                                                                                                          77C88FA9 5 Bytes  JMP 00671E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!LdrLoadDll                                                                                                     77B69390 5 Bytes  JMP 003A4550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!LdrUnloadDll                                                                                                   77B7BA50 7 Bytes  JMP 003A81E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!LdrGetProcedureAddress                                                                                         77B85A88 5 Bytes  JMP 003A19F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtAllocateVirtualMemory                                                                                        77BA4134 5 Bytes  JMP 003A1950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtClose                                                                                                        77BA4314 5 Bytes  JMP 003A82B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateFile                                                                                                   77BA43D4 5 Bytes  JMP 003A18D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateProcess                                                                                                77BA4494 5 Bytes  JMP 003A1890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateProcessEx                                                                                              77BA44A4 5 Bytes  JMP 003A19B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtDeleteFile                                                                                                   77BA47B4 5 Bytes  JMP 003A1910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtFreeVirtualMemory                                                                                            77BA4944 5 Bytes  JMP 003A1A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtLoadDriver                                                                                                   77BA4A64 5 Bytes  JMP 003A1970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtOpenFile                                                                                                     77BA4BB4 5 Bytes  JMP 003A18F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtProtectVirtualMemory                                                                                         77BA4D34 5 Bytes  JMP 003A1930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtSetInformationProcess                                                                                        77BA5324 5 Bytes  JMP 003A19D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtUnloadDriver                                                                                                 77BA5574 5 Bytes  JMP 003A1990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtWriteVirtualMemory                                                                                           77BA5674 5 Bytes  JMP 003A18B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateUserProcess                                                                                            77BA5804 5 Bytes  JMP 003A7040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!RtlAllocateHeap                                                                                                77BA6570 5 Bytes  JMP 003A1A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateProcessW                                                                                              76221BF3 5 Bytes  JMP 003A1A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateProcessA                                                                                              76221C28 5 Bytes  JMP 003A1A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!VirtualProtect                                                                                              76221DC3 5 Bytes  JMP 003A1D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!OpenFile                                                                                                    7622355A 5 Bytes  JMP 003A1B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileW                                                                                                   7622A2F2 5 Bytes  JMP 003A1C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileExW                                                                                                 76230211 7 Bytes  JMP 003A1BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileW                                                                                                   76230299 5 Bytes  JMP 003A1B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!DeleteFileW                                                                                                 7623F4B6 5 Bytes  JMP 003A1CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!DeleteFileA                                                                                                 7623F5D2 5 Bytes  JMP 003A1CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileWithProgressW                                                                                       762410A4 5 Bytes  JMP 003A1C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileExW                                                                                                 762410C8 5 Bytes  JMP 003A1C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryExW                                                                                              76249109 7 Bytes  JMP 003A1AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryW                                                                                                76249362 5 Bytes  JMP 003A1D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryExA                                                                                              762494B4 5 Bytes  JMP 003A1AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryA                                                                                                762494DC 5 Bytes  JMP 003A1D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!GetProcAddress                                                                                              7626903B 5 Bytes  JMP 003A1A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!GetModuleHandleA                                                                                            762692A5 5 Bytes  JMP 003A1CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!GetModuleHandleW                                                                                            7626A804 5 Bytes  JMP 003A1D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateFileW                                                                                                 7626AECB 5 Bytes  JMP 003A1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateFileA                                                                                                 7626CE5F 5 Bytes  JMP 003A1B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileExA                                                                                                 76270F0A 5 Bytes  JMP 003A1C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileWithProgressA                                                                                       76270F2A 5 Bytes  JMP 003A1C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileA                                                                                                   76272433 5 Bytes  JMP 003A1B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileA                                                                                                   762AF641 5 Bytes  JMP 003A1BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileExA                                                                                                 762B19F9 5 Bytes  JMP 003A1BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!WinExec                                                                                                     762B5CF7 5 Bytes  JMP 003A1D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadModule                                                                                                  762B5E4F 5 Bytes  JMP 003A1AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] USER32.dll!EndTask                                                                                                       7790AD32 5 Bytes  JMP 003A7E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!OpenServiceA                                                                                                77CF2EBD 7 Bytes  JMP 003A1640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!OpenServiceW                                                                                                77CF8354 7 Bytes  JMP 003A1480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!CreateServiceW                                                                                              77D19EB4 7 Bytes  JMP 003A1250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!CreateServiceA                                                                                              77D572A1 7 Bytes  JMP 003A1000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteW                                                                                                764F9725 5 Bytes  JMP 003A1DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteExW                                                                                              7654C135 5 Bytes  JMP 003A1E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteEx                                                                                               766F9FE2 5 Bytes  JMP 003A1DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteA                                                                                                766FA07D 5 Bytes  JMP 003A1DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ole32.dll!CoGetClassObject                                                                                               7633FABC 5 Bytes  JMP 003A7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ole32.dll!CoCreateInstanceEx                                                                                             76359EE9 5 Bytes  JMP 003A7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!LdrLoadDll                                                                                                                 77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!LdrUnloadDll                                                                                                               77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!LdrGetProcedureAddress                                                                                                     77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtAllocateVirtualMemory                                                                                                    77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtClose                                                                                                                    77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateFile                                                                                                               77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateProcess                                                                                                            77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateProcessEx                                                                                                          77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtDeleteFile                                                                                                               77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtFreeVirtualMemory                                                                                                        77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtLoadDriver                                                                                                               77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtOpenFile                                                                                                                 77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtProtectVirtualMemory                                                                                                     77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtSetInformationProcess                                                                                                    77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtUnloadDriver                                                                                                             77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtWriteVirtualMemory                                                                                                       77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateUserProcess                                                                                                        77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!RtlAllocateHeap                                                                                                            77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateProcessW                                                                                                          76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateProcessA                                                                                                          76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!VirtualProtect                                                                                                          76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!OpenFile                                                                                                                7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileW                                                                                                               7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileExW                                                                                                             76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileW                                                                                                               76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!DeleteFileW                                                                                                             7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!DeleteFileA                                                                                                             7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileWithProgressW                                                                                                   762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileExW                                                                                                             762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryExW                                                                                                          76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryW                                                                                                            76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryExA                                                                                                          762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryA                                                                                                            762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!GetProcAddress                                                                                                          7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!GetModuleHandleA                                                                                                        762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!GetModuleHandleW                                                                                                        7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateFileW                                                                                                             7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateFileA                                                                                                             7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileExA                                                                                                             76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileWithProgressA                                                                                                   76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileA                                                                                                               76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileA                                                                                                               762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileExA                                                                                                             762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!WinExec                                                                                                                 762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadModule                                                                                                              762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] USER32.dll!EndTask                                                                                                                   7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!OpenServiceA                                                                                                            77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!OpenServiceW                                                                                                            77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!CreateServiceW                                                                                                          77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!CreateServiceA                                                                                                          77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteW                                                                                                            764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteExW                                                                                                          7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteEx                                                                                                           766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteA                                                                                                            766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!LdrLoadDll                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!LdrUnloadDll                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!LdrGetProcedureAddress                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtAllocateVirtualMemory                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtClose                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateFile                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateProcess                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateProcessEx                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtDeleteFile                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtFreeVirtualMemory                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtLoadDriver                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtOpenFile                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtProtectVirtualMemory                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtSetInformationProcess                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtUnloadDriver                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtWriteVirtualMemory                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateUserProcess                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!RtlAllocateHeap                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateProcessW                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateProcessA                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!VirtualProtect                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!OpenFile                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileW                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileExW                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileW                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!DeleteFileW                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!DeleteFileA                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileWithProgressW                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileExW                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryExW                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryW                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryExA                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryA                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!GetProcAddress                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!GetModuleHandleA                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!GetModuleHandleW                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateFileW                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateFileA                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileExA                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileWithProgressA                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileA                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileA                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileExA                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!WinExec                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadModule                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!OpenServiceA                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!OpenServiceW                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!CreateServiceW                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!CreateServiceA                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] USER32.dll!EndTask                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteW                                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteExW                                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteEx                                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteA                                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ole32.dll!CoGetClassObject                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ole32.dll!CoCreateInstanceEx                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!LdrLoadDll                                                                                                                        77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!LdrUnloadDll                                                                                                                      77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!LdrGetProcedureAddress                                                                                                            77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtAllocateVirtualMemory                                                                                                           77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtClose                                                                                                                           77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateFile                                                                                                                      77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateProcess                                                                                                                   77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateProcessEx                                                                                                                 77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtDeleteFile                                                                                                                      77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtFreeVirtualMemory                                                                                                               77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtLoadDriver                                                                                                                      77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtOpenFile                                                                                                                        77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtProtectVirtualMemory                                                                                                            77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtSetInformationProcess                                                                                                           77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtUnloadDriver                                                                                                                    77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtWriteVirtualMemory                                                                                                              77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateUserProcess                                                                                                               77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!RtlAllocateHeap                                                                                                                   77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateProcessW                                                                                                                 76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateProcessA                                                                                                                 76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!VirtualProtect                                                                                                                 76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!OpenFile                                                                                                                       7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileW                                                                                                                      7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileExW                                                                                                                    76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileW                                                                                                                      76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!DeleteFileW                                                                                                                    7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!DeleteFileA                                                                                                                    7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileWithProgressW                                                                                                          762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileExW                                                                                                                    762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryExW                                                                                                                 76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryW                                                                                                                   76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryExA                                                                                                                 762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryA                                                                                                                   762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!GetProcAddress                                                                                                                 7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!GetModuleHandleA                                                                                                               762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!GetModuleHandleW                                                                                                               7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateFileW                                                                                                                    7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateFileA                                                                                                                    7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileExA                                                                                                                    76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileWithProgressA                                                                                                          76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileA                                                                                                                      76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileA                                                                                                                      762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileExA                                                                                                                    762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!WinExec                                                                                                                        762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadModule                                                                                                                     762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!OpenServiceA                                                                                                                   77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!OpenServiceW                                                                                                                   77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!CreateServiceW                                                                                                                 77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!CreateServiceA                                                                                                                 77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] USER32.dll!EndTask                                                                                                                          7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ole32.dll!CoGetClassObject                                                                                                                  7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ole32.dll!CoCreateInstanceEx                                                                                                                76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!LdrLoadDll                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!LdrUnloadDll                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!LdrGetProcedureAddress                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtAllocateVirtualMemory                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtClose                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateFile                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateProcess                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateProcessEx                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtDeleteFile                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtFreeVirtualMemory                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtLoadDriver                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtOpenFile                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtProtectVirtualMemory                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtSetInformationProcess                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtUnloadDriver                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtWriteVirtualMemory                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateUserProcess                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!RtlAllocateHeap                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateProcessW                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateProcessA                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!VirtualProtect                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!OpenFile                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileW                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileExW                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileW                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!DeleteFileW                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!DeleteFileA                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileWithProgressW                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileExW                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryExW                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryW                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryExA                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryA                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!GetProcAddress                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!GetModuleHandleA                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!GetModuleHandleW                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateFileW                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateFileA                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileExA                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileWithProgressA                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileA                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileA                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileExA                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!WinExec                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadModule                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] USER32.dll!EndTask                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!OpenServiceA                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!OpenServiceW                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!CreateServiceW                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!CreateServiceA                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteW                                                                                                           764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteExW                                                                                                         7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteEx                                                                                                          766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteA                                                                                                           766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ole32.dll!CoGetClassObject                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ole32.dll!CoCreateInstanceEx                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteW                                                                                                                           764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteExW                                                                                                                         7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteEx                                                                                                                          766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteA                                                                                                                           766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] WS2_32.dll!WSASocketW                                                                                                                               77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] WS2_32.dll!WSASocketA                                                                                                                               77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!LdrLoadDll                                                                                                                               77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!LdrUnloadDll                                                                                                                             77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!LdrGetProcedureAddress                                                                                                                   77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtAllocateVirtualMemory                                                                                                                  77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtClose                                                                                                                                  77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateFile                                                                                                                             77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateProcess                                                                                                                          77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateProcessEx                                                                                                                        77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtDeleteFile                                                                                                                             77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtFreeVirtualMemory                                                                                                                      77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtLoadDriver                                                                                                                             77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtOpenFile                                                                                                                               77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtProtectVirtualMemory                                                                                                                   77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtSetInformationProcess                                                                                                                  77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtUnloadDriver                                                                                                                           77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtWriteVirtualMemory                                                                                                                     77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateUserProcess                                                                                                                      77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!RtlAllocateHeap                                                                                                                          77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateProcessW                                                                                                                        76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateProcessA                                                                                                                        76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!VirtualProtect                                                                                                                        76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!OpenFile                                                                                                                              7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileW                                                                                                                             7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileExW                                                                                                                           76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileW                                                                                                                             76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!DeleteFileW                                                                                                                           7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!DeleteFileA                                                                                                                           7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileWithProgressW                                                                                                                 762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileExW                                                                                                                           762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryExW                                                                                                                        76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryW                                                                                                                          76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryExA                                                                                                                        762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryA                                                                                                                          762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!GetProcAddress                                                                                                                        7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!GetModuleHandleA                                                                                                                      762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!GetModuleHandleW                                                                                                                      7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateFileW                                                                                                                           7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateFileA                                                                                                                           7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileExA                                                                                                                           76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileWithProgressA                                                                                                                 76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileA                                                                                                                             76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileA                                                                                                                             762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileExA                                                                                                                           762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!WinExec                                                                                                                               762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadModule                                                                                                                            762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!OpenServiceA                                                                                                                          77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!OpenServiceW                                                                                                                          77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!CreateServiceW                                                                                                                        77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!CreateServiceA                                                                                                                        77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ole32.dll!CoGetClassObject                                                                                                                         7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ole32.dll!CoCreateInstanceEx                                                                                                                       76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] USER32.dll!EndTask                                                                                                                                 7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] WS2_32.dll!WSASocketW                                                                                                                  77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] WS2_32.dll!WSASocketA                                                                                                                  77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteW                                                                                                              764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteExW                                                                                                            7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteEx                                                                                                             766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteA                                                                                                              766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!LdrLoadDll                                                                                                                         77B69390 5 Bytes  JMP 004E4550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!LdrUnloadDll                                                                                                                       77B7BA50 7 Bytes  JMP 004E81E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!LdrGetProcedureAddress                                                                                                             77B85A88 5 Bytes  JMP 004E19F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtAllocateVirtualMemory                                                                                                            77BA4134 5 Bytes  JMP 004E1950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtClose                                                                                                                            77BA4314 5 Bytes  JMP 004E82B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateFile                                                                                                                       77BA43D4 5 Bytes  JMP 004E18D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateProcess                                                                                                                    77BA4494 5 Bytes  JMP 004E1890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateProcessEx                                                                                                                  77BA44A4 5 Bytes  JMP 004E19B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtDeleteFile                                                                                                                       77BA47B4 5 Bytes  JMP 004E1910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtFreeVirtualMemory                                                                                                                77BA4944 5 Bytes  JMP 004E1A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtLoadDriver                                                                                                                       77BA4A64 5 Bytes  JMP 004E1970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtOpenFile                                                                                                                         77BA4BB4 5 Bytes  JMP 004E18F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtProtectVirtualMemory                                                                                                             77BA4D34 5 Bytes  JMP 004E1930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtSetInformationProcess                                                                                                            77BA5324 5 Bytes  JMP 004E19D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtUnloadDriver                                                                                                                     77BA5574 5 Bytes  JMP 004E1990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtWriteVirtualMemory                                                                                                               77BA5674 5 Bytes  JMP 004E18B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateUserProcess                                                                                                                77BA5804 5 Bytes  JMP 004E7040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!RtlAllocateHeap                                                                                                                    77BA6570 5 Bytes  JMP 004E1A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateProcessW                                                                                                                  76221BF3 5 Bytes  JMP 004E1A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateProcessA                                                                                                                  76221C28 5 Bytes  JMP 004E1A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!VirtualProtect                                                                                                                  76221DC3 5 Bytes  JMP 004E1D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!OpenFile                                                                                                                        7622355A 5 Bytes  JMP 004E1B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileW                                                                                                                       7622A2F2 5 Bytes  JMP 004E1C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileExW                                                                                                                     76230211 7 Bytes  JMP 004E1BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileW                                                                                                                       76230299 5 Bytes  JMP 004E1B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!DeleteFileW                                                                                                                     7623F4B6 5 Bytes  JMP 004E1CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!DeleteFileA                                                                                                                     7623F5D2 5 Bytes  JMP 004E1CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileWithProgressW                                                                                                           762410A4 5 Bytes  JMP 004E1C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileExW                                                                                                                     762410C8 5 Bytes  JMP 004E1C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryExW                                                                                                                  76249109 7 Bytes  JMP 004E1AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryW                                                                                                                    76249362 5 Bytes  JMP 004E1D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryExA                                                                                                                  762494B4 5 Bytes  JMP 004E1AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryA                                                                                                                    762494DC 5 Bytes  JMP 004E1D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!GetProcAddress                                                                                                                  7626903B 5 Bytes  JMP 004E1A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!GetModuleHandleA                                                                                                                762692A5 5 Bytes  JMP 004E1CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!GetModuleHandleW                                                                                                                7626A804 5 Bytes  JMP 004E1D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateFileW                                                                                                                     7626AECB 5 Bytes  JMP 004E1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateFileA                                                                                                                     7626CE5F 5 Bytes  JMP 004E1B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileExA                                                                                                                     76270F0A 5 Bytes  JMP 004E1C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileWithProgressA                                                                                                           76270F2A 5 Bytes  JMP 004E1C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileA                                                                                                                       76272433 5 Bytes  JMP 004E1B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileA                                                                                                                       762AF641 5 Bytes  JMP 004E1BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileExA                                                                                                                     762B19F9 5 Bytes  JMP 004E1BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!WinExec                                                                                                                         762B5CF7 5 Bytes  JMP 004E1D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadModule                                                                                                                      762B5E4F 5 Bytes  JMP 004E1AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] USER32.dll!EndTask                                                                                                                           7790AD32 5 Bytes  JMP 004E7E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!OpenServiceA                                                                                                                    77CF2EBD 7 Bytes  JMP 004E1640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!OpenServiceW                                                                                                                    77CF8354 7 Bytes  JMP 004E1480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!CreateServiceW                                                                                                                  77D19EB4 7 Bytes  JMP 004E1250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!CreateServiceA                                                                                                                  77D572A1 7 Bytes  JMP 004E1000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteW                                                                                                                    764F9725 5 Bytes  JMP 004E1DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteExW                                                                                                                  7654C135 5 Bytes  JMP 004E1E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteEx                                                                                                                   766F9FE2 5 Bytes  JMP 004E1DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteA                                                                                                                    766FA07D 5 Bytes  JMP 004E1DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ole32.dll!CoGetClassObject                                                                                                                   7633FABC 5 Bytes  JMP 004E7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ole32.dll!CoCreateInstanceEx                                                                                                                 76359EE9 5 Bytes  JMP 004E7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!LdrLoadDll                                                                                                                                               77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!LdrUnloadDll                                                                                                                                             77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!LdrGetProcedureAddress                                                                                                                                   77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtAllocateVirtualMemory                                                                                                                                  77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtClose                                                                                                                                                  77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateFile                                                                                                                                             77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateProcess                                                                                                                                          77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateProcessEx                                                                                                                                        77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtDeleteFile                                                                                                                                             77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtFreeVirtualMemory                                                                                                                                      77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtLoadDriver                                                                                                                                             77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtOpenFile                                                                                                                                               77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtProtectVirtualMemory                                                                                                                                   77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtSetInformationProcess                                                                                                                                  77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtUnloadDriver                                                                                                                                           77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtWriteVirtualMemory                                                                                                                                     77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateUserProcess                                                                                                                                      77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!RtlAllocateHeap                                                                                                                                          77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateProcessW                                                                                                                                        76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateProcessA                                                                                                                                        76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!VirtualProtect                                                                                                                                        76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!OpenFile                                                                                                                                              7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileW                                                                                                                                             7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileExW                                                                                                                                           76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileW                                                                                                                                             76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!DeleteFileW                                                                                                                                           7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!DeleteFileA                                                                                                                                           7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileWithProgressW                                                                                                                                 762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileExW                                                                                                                                           762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryExW                                                                                                                                        76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryW                                                                                                                                          76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryExA                                                                                                                                        762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryA                                                                                                                                          762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!GetProcAddress                                                                                                                                        7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!GetModuleHandleA                                                                                                                                      762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!GetModuleHandleW                                                                                                                                      7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateFileW                                                                                                                                           7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateFileA                                                                                                                                           7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileExA                                                                                                                                           76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileWithProgressA                                                                                                                                 76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileA                                                                                                                                             76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileA                                                                                                                                             762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileExA                                                                                                                                           762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!WinExec                                                                                                                                               762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadModule                                                                                                                                            762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] USER32.dll!EndTask                                                                                                                                                 7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!OpenServiceA                                                                                                                                          77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!OpenServiceW                                                                                                                                          77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!CreateServiceW                                                                                                                                        77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!CreateServiceA                                                                                                                                        77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteW                                                                                                                                          764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteExW                                                                                                                                        7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteEx                                                                                                                                         766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteA                                                                                                                                          766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ole32.dll!CoGetClassObject                                                                                                                                         7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ole32.dll!CoCreateInstanceEx                                                                                                                                       76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!LdrLoadDll                                                                                                                     77B69390 5 Bytes  JMP 00394550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!LdrUnloadDll                                                                                                                   77B7BA50 7 Bytes  JMP 003981E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!LdrGetProcedureAddress                                                                                                         77B85A88 5 Bytes  JMP 003919F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtAllocateVirtualMemory                                                                                                        77BA4134 5 Bytes  JMP 00391950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtClose                                                                                                                        77BA4314 5 Bytes  JMP 003982B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateFile                                                                                                                   77BA43D4 5 Bytes  JMP 003918D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateProcess                                                                                                                77BA4494 5 Bytes  JMP 00391890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateProcessEx                                                                                                              77BA44A4 5 Bytes  JMP 003919B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtDeleteFile                                                                                                                   77BA47B4 5 Bytes  JMP 00391910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtFreeVirtualMemory                                                                                                            77BA4944 5 Bytes  JMP 00391A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtLoadDriver                                                                                                                   77BA4A64 5 Bytes  JMP 00391970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtOpenFile                                                                                                                     77BA4BB4 5 Bytes  JMP 003918F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtProtectVirtualMemory                                                                                                         77BA4D34 5 Bytes  JMP 00391930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtSetInformationProcess                                                                                                        77BA5324 5 Bytes  JMP 003919D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtUnloadDriver                                                                                                                 77BA5574 5 Bytes  JMP 00391990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtWriteVirtualMemory                                                                                                           77BA5674 5 Bytes  JMP 003918B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateUserProcess                                                                                                            77BA5804 5 Bytes  JMP 00397040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!RtlAllocateHeap                                                                                                                77BA6570 5 Bytes  JMP 00391A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateProcessW                                                                                                              76221BF3 5 Bytes  JMP 00391A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateProcessA                                                                                                              76221C28 5 Bytes  JMP 00391A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!VirtualProtect                                                                                                              76221DC3 5 Bytes  JMP 00391D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!OpenFile                                                                                                                    7622355A 5 Bytes  JMP 00391B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileW                                                                                                                   7622A2F2 5 Bytes  JMP 00391C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileExW                                                                                                                 76230211 7 Bytes  JMP 00391BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileW                                                                                                                   76230299 5 Bytes  JMP 00391B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!DeleteFileW                                                                                                                 7623F4B6 5 Bytes  JMP 00391CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!DeleteFileA                                                                                                                 7623F5D2 5 Bytes  JMP 00391CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileWithProgressW                                                                                                       762410A4 5 Bytes  JMP 00391C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileExW                                                                                                                 762410C8 5 Bytes  JMP 00391C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryExW                                                                                                              76249109 7 Bytes  JMP 00391AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryW                                                                                                                76249362 5 Bytes  JMP 00391D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryExA                                                                                                              762494B4 5 Bytes  JMP 00391AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryA                                                                                                                762494DC 5 Bytes  JMP 00391D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!GetProcAddress                                                                                                              7626903B 5 Bytes  JMP 00391A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!GetModuleHandleA                                                                                                            762692A5 5 Bytes  JMP 00391CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!GetModuleHandleW                                                                                                            7626A804 5 Bytes  JMP 00391D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateFileW                                                                                                                 7626AECB 5 Bytes  JMP 00391B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateFileA                                                                                                                 7626CE5F 5 Bytes  JMP 00391B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileExA                                                                                                                 76270F0A 5 Bytes  JMP 00391C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileWithProgressA                                                                                                       76270F2A 5 Bytes  JMP 00391C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileA                                                                                                                   76272433 5 Bytes  JMP 00391B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileA                                                                                                                   762AF641 5 Bytes  JMP 00391BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileExA                                                                                                                 762B19F9 5 Bytes  JMP 00391BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!WinExec                                                                                                                     762B5CF7 5 Bytes  JMP 00391D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadModule                                                                                                                  762B5E4F 5 Bytes  JMP 00391AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] USER32.dll!EndTask                                                                                                                       7790AD32 5 Bytes  JMP 00397E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!OpenServiceA                                                                                                                77CF2EBD 7 Bytes  JMP 00391640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!OpenServiceW                                                                                                                77CF8354 7 Bytes  JMP 00391480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!CreateServiceW                                                                                                              77D19EB4 7 Bytes  JMP 00391250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!CreateServiceA                                                                                                              77D572A1 7 Bytes  JMP 00391000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteW                                                                                                                764F9725 5 Bytes  JMP 00391DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteExW                                                                                                              7654C135 5 Bytes  JMP 00391E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteEx                                                                                                               766F9FE2 5 Bytes  JMP 00391DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteA                                                                                                                766FA07D 5 Bytes  JMP 00391DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ole32.dll!CoGetClassObject                                                                                                               7633FABC 5 Bytes  JMP 00397D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ole32.dll!CoCreateInstanceEx                                                                                                             76359EE9 5 Bytes  JMP 00397BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!LdrLoadDll                                                                                                                        77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!LdrUnloadDll                                                                                                                      77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!LdrGetProcedureAddress                                                                                                            77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtAllocateVirtualMemory                                                                                                           77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtClose                                                                                                                           77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateFile                                                                                                                      77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateProcess                                                                                                                   77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateProcessEx                                                                                                                 77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtDeleteFile                                                                                                                      77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtFreeVirtualMemory                                                                                                               77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtLoadDriver                                                                                                                      77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtOpenFile                                                                                                                        77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtProtectVirtualMemory                                                                                                            77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtSetInformationProcess                                                                                                           77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtUnloadDriver                                                                                                                    77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtWriteVirtualMemory                                                                                                              77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateUserProcess                                                                                                               77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!RtlAllocateHeap                                                                                                                   77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateProcessW                                                                                                                 76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateProcessA                                                                                                                 76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!VirtualProtect                                                                                                                 76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!OpenFile                                                                                                                       7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileW                                                                                                                      7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileExW                                                                                                                    76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileW                                                                                                                      76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!DeleteFileW                                                                                                                    7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!DeleteFileA                                                                                                                    7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileWithProgressW                                                                                                          762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileExW                                                                                                                    762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryExW                                                                                                                 76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryW                                                                                                                   76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryExA                                                                                                                 762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryA                                                                                                                   762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!GetProcAddress                                                                                                                 7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!GetModuleHandleA                                                                                                               762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!GetModuleHandleW                                                                                                               7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateFileW                                                                                                                    7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateFileA                                                                                                                    7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileExA                                                                                                                    76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileWithProgressA                                                                                                          76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileA                                                                                                                      76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileA                                                                                                                      762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileExA                                                                                                                    762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!WinExec                                                                                                                        762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadModule                                                                                                                     762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] USER32.dll!EndTask                                                                                                                          7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!OpenServiceA                                                                                                                   77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!OpenServiceW                                                                                                                   77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!CreateServiceW                                                                                                                 77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!CreateServiceA                                                                                                                 77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ole32.dll!CoGetClassObject                                                                                                                  7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ole32.dll!CoCreateInstanceEx                                                                                                                76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteW                                                                                                                   764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteExW                                                                                                                 7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteEx                                                                                                                  766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteA                                                                                                                   766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!LdrLoadDll                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!LdrUnloadDll                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!LdrGetProcedureAddress                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtAllocateVirtualMemory                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtClose                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateFile                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateProcess                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateProcessEx                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtDeleteFile                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtFreeVirtualMemory                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtLoadDriver                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtOpenFile                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtProtectVirtualMemory                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtSetInformationProcess                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtUnloadDriver                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtWriteVirtualMemory                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateUserProcess                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!RtlAllocateHeap                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateProcessW                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateProcessA                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!VirtualProtect                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!OpenFile                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileW                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileExW                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileW                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!DeleteFileW                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!DeleteFileA                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileWithProgressW                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileExW                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryExW                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryW                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryExA                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryA                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!GetProcAddress                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!GetModuleHandleA                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!GetModuleHandleW                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateFileW                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateFileA                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileExA                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileWithProgressA                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileA                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileA                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileExA                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!WinExec                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadModule                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] USER32.dll!EndTask                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!OpenServiceA                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!OpenServiceW                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!CreateServiceW                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!CreateServiceA                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteW                                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteExW                                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteEx                                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteA                                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ole32.dll!CoGetClassObject                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ole32.dll!CoCreateInstanceEx                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] WININET.dll!InternetConnectA                                                                                                                  7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] WININET.dll!InternetConnectW                                                                                                                  7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!LdrLoadDll                                                                                                                           77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!LdrUnloadDll                                                                                                                         77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!LdrGetProcedureAddress                                                                                                               77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtAllocateVirtualMemory                                                                                                              77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtClose                                                                                                                              77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateFile                                                                                                                         77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateProcess                                                                                                                      77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateProcessEx                                                                                                                    77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtDeleteFile                                                                                                                         77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtFreeVirtualMemory                                                                                                                  77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtLoadDriver                                                                                                                         77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtOpenFile                                                                                                                           77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtProtectVirtualMemory                                                                                                               77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtSetInformationProcess                                                                                                              77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtUnloadDriver                                                                                                                       77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtWriteVirtualMemory                                                                                                                 77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateUserProcess                                                                                                                  77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!RtlAllocateHeap                                                                                                                      77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateProcessW                                                                                                                    76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateProcessA                                                                                                                    76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!VirtualProtect                                                                                                                    76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!OpenFile                                                                                                                          7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileW                                                                                                                         7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileExW                                                                                                                       76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileW                                                                                                                         76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!DeleteFileW                                                                                                                       7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!DeleteFileA                                                                                                                       7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileWithProgressW                                                                                                             762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileExW                                                                                                                       762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryExW                                                                                                                    76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryW                                                                                                                      76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryExA                                                                                                                    762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryA                                                                                                                      762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!GetProcAddress                                                                                                                    7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!GetModuleHandleA                                                                                                                  762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!GetModuleHandleW                                                                                                                  7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateFileW                                                                                                                       7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateFileA                                                                                                                       7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileExA                                                                                                                       76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileWithProgressA                                                                                                             76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileA                                                                                                                         76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileA                                                                                                                         762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileExA                                                                                                                       762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!WinExec                                                                                                                           762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadModule                                                                                                                        762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!OpenServiceA                                                                                                                      77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!OpenServiceW                                                                                                                      77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!CreateServiceW                                                                                                                    77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!CreateServiceA                                                                                                                    77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] USER32.dll!EndTask                                                                                                                             7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] WS2_32.dll!WSASocketW                                                                                                                          77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] WS2_32.dll!WSASocketA                                                                                                                          77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteW                                                                                                                      764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteExW                                                                                                                    7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteEx                                                                                                                     766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteA                                                                                                                      766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ole32.dll!CoGetClassObject                                                                                                                     7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ole32.dll!CoCreateInstanceEx                                                                                                                   76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] wininet.dll!InternetConnectA                                                                                                                   7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] wininet.dll!InternetConnectW                                                                                                                   7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!LdrLoadDll                                                                                                           77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!LdrUnloadDll                                                                                                         77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!LdrGetProcedureAddress                                                                                               77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtAllocateVirtualMemory                                                                                              77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtClose                                                                                                              77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateFile                                                                                                         77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateProcess                                                                                                      77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateProcessEx                                                                                                    77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtDeleteFile                                                                                                         77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtFreeVirtualMemory                                                                                                  77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtLoadDriver                                                                                                         77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtOpenFile                                                                                                           77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtProtectVirtualMemory                                                                                               77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtSetInformationProcess                                                                                              77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtUnloadDriver                                                                                                       77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtWriteVirtualMemory                                                                                                 77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateUserProcess                                                                                                  77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!RtlAllocateHeap                                                                                                      77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateProcessW                                                                                                    76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateProcessA                                                                                                    76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!VirtualProtect                                                                                                    76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!OpenFile                                                                                                          7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileW                                                                                                         7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileExW                                                                                                       76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileW                                                                                                         76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!DeleteFileW                                                                                                       7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!DeleteFileA                                                                                                       7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileWithProgressW                                                                                             762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileExW                                                                                                       762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryExW                                                                                                    76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryW                                                                                                      76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryExA                                                                                                    762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryA                                                                                                      762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!GetProcAddress                                                                                                    7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!GetModuleHandleA                                                                                                  762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!GetModuleHandleW                                                                                                  7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateFileW                                                                                                       7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateFileA                                                                                                       7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileExA                                                                                                       76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileWithProgressA                                                                                             76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileA                                                                                                         76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileA                                                                                                         762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileExA                                                                                                       762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!WinExec                                                                                                           762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadModule                                                                                                        762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!OpenServiceA                                                                                                      77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!OpenServiceW                                                                                                      77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!CreateServiceW                                                                                                    77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!CreateServiceA                                                                                                    77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] USER32.dll!EndTask                                                                                                             7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] WININET.dll!InternetConnectA                                                                                                   7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] WININET.dll!InternetConnectW                                                                                                   7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ole32.dll!CoGetClassObject                                                                                                     7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ole32.dll!CoCreateInstanceEx                                                                                                   76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteW                                                                                                      764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteExW                                                                                                    7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteEx                                                                                                     766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteA                                                                                                      766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!LdrLoadDll                                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!LdrUnloadDll                                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!LdrGetProcedureAddress                                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtAllocateVirtualMemory                                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtClose                                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateFile                                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateProcess                                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateProcessEx                                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtDeleteFile                                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtFreeVirtualMemory                                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtLoadDriver                                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtOpenFile                                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtProtectVirtualMemory                                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtSetInformationProcess                                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtUnloadDriver                                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtWriteVirtualMemory                                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateUserProcess                                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!RtlAllocateHeap                                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateProcessW                                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateProcessA                                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!VirtualProtect                                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!OpenFile                                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileW                                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileExW                                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileW                                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!DeleteFileW                                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!DeleteFileA                                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileWithProgressW                                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileExW                                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryExW                                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryW                                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryExA                                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryA                                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!GetProcAddress                                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!GetModuleHandleA                                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!GetModuleHandleW                                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateFileW                                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateFileA                                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileExA                                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileWithProgressA                                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileA                                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileA                                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileExA                                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!WinExec                                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadModule                                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!OpenServiceA                                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!OpenServiceW                                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!CreateServiceW                                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!CreateServiceA                                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] USER32.dll!EndTask                                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ole32.dll!CoGetClassObject                                                                                                                   7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ole32.dll!CoCreateInstanceEx                                                                                                                 76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteW                                                                                                                    764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteExW                                                                                                                  7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteEx                                                                                                                   766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteA                                                                                                                    766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WS2_32.dll!WSASocketW                                                                                                                        77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WS2_32.dll!WSASocketA                                                                                                                        77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WININET.dll!InternetConnectA                                                                                                                 7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WININET.dll!InternetConnectW                                                                                                                 7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!KiUserExceptionDispatcher                                                                                                   77BA5DC8 5 Bytes  JMP 100022D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WS2_32.dll!WSASocketW                                                                                                                 77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WS2_32.dll!WSASocketA                                                                                                                 77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteW                                                                                                             764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteExW                                                                                                           7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteEx                                                                                                            766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteA                                                                                                             766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WININET.dll!InternetConnectA                                                                                                          7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WININET.dll!InternetConnectW                                                                                                          7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!LdrLoadDll                                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!LdrUnloadDll                                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!LdrGetProcedureAddress                                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtAllocateVirtualMemory                                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtClose                                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateFile                                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateProcess                                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateProcessEx                                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtDeleteFile                                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtFreeVirtualMemory                                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtLoadDriver                                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtOpenFile                                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtProtectVirtualMemory                                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtSetInformationProcess                                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtUnloadDriver                                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtWriteVirtualMemory                                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateUserProcess                                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!RtlAllocateHeap                                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateProcessW                                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateProcessA                                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!VirtualProtect                                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!OpenFile                                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileW                                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileExW                                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileW                                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!DeleteFileW                                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!DeleteFileA                                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileWithProgressW                                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileExW                                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryExW                                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryW                                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryExA                                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryA                                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!GetProcAddress                                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!GetModuleHandleA                                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!GetModuleHandleW                                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateFileW                                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateFileA                                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileExA                                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileWithProgressA                                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileA                                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileA                                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileExA                                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!WinExec                                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadModule                                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!OpenServiceA                                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!OpenServiceW                                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!CreateServiceW                                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!CreateServiceA                                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] USER32.dll!EndTask                                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteW                                                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteExW                                                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteEx                                                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteA                                                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ole32.dll!CoGetClassObject                                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ole32.dll!CoCreateInstanceEx                                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ole32.dll!CoGetClassObject                                                                                                             7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ole32.dll!CoCreateInstanceEx                                                                                                           76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!LdrLoadDll                                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!LdrUnloadDll                                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!LdrGetProcedureAddress                                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtAllocateVirtualMemory                                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtClose                                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateFile                                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateProcess                                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateProcessEx                                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtDeleteFile                                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtFreeVirtualMemory                                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtLoadDriver                                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtOpenFile                                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtProtectVirtualMemory                                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtSetInformationProcess                                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtUnloadDriver                                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtWriteVirtualMemory                                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateUserProcess                                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!RtlAllocateHeap                                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateProcessW                                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateProcessA                                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!VirtualProtect                                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!OpenFile                                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileW                                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileExW                                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileW                                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!DeleteFileW                                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!DeleteFileA                                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileWithProgressW                                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileExW                                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryExW                                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryW                                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryExA                                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryA                                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!GetProcAddress                                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!GetModuleHandleA                                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!GetModuleHandleW                                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateFileW                                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateFileA                                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileExA                                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileWithProgressA                                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileA                                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileA                                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileExA                                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!WinExec                                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadModule                                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!OpenServiceA                                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!OpenServiceW                                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!CreateServiceW                                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!CreateServiceA                                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] USER32.dll!EndTask                                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ole32.dll!CoGetClassObject                                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ole32.dll!CoCreateInstanceEx                                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ole32.dll!CoGetClassObject                                                                                                             7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ole32.dll!CoCreateInstanceEx                                                                                                           76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] WS2_32.dll!WSASocketW                                                                                                                  77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] WS2_32.dll!WSASocketA                                                                                                                  77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!LdrLoadDll                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!LdrUnloadDll                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!LdrGetProcedureAddress                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtAllocateVirtualMemory                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtClose                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateFile                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateProcess                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateProcessEx                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtDeleteFile                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtFreeVirtualMemory                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtLoadDriver                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtOpenFile                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtProtectVirtualMemory                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtSetInformationProcess                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtUnloadDriver                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtWriteVirtualMemory                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateUserProcess                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!RtlAllocateHeap                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateProcessW                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateProcessA                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!VirtualProtect                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!OpenFile                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileW                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileExW                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileW                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!DeleteFileW                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!DeleteFileA                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileWithProgressW                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileExW                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryExW                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryW                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryExA                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryA                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!GetProcAddress                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!GetModuleHandleA                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!GetModuleHandleW                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateFileW                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateFileA                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileExA                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileWithProgressA                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileA                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileA                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileExA                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!WinExec                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadModule                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!OpenServiceA                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!OpenServiceW                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!CreateServiceW                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!CreateServiceA                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] USER32.dll!EndTask                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteW                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteExW                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteEx                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteA                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] WS2_32.dll!WSASocketW                                                                                                         77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] WS2_32.dll!WSASocketA                                                                                                         77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ole32.dll!CoGetClassObject                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ole32.dll!CoCreateInstanceEx                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!GetProcAddress                                                                                                                              7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\COMODO Internet Security\cfp.exe[83164] ntdll.dll!NtAllocateVirtualMemory                                                                                               77BA4134 5 Bytes  JMP 0050E060 C:\Program Files\Comodo\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!LdrLoadDll                 77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!LdrUnloadDll               77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!LdrGetProcedureAddress     77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtAllocateVirtualMemory    77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtClose                    77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateFile               77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateProcess            77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateProcessEx          77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtDeleteFile               77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtFreeVirtualMemory        77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtLoadDriver               77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtOpenFile                 77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtProtectVirtualMemory     77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtSetInformationProcess    77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtUnloadDriver             77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtWriteVirtualMemory       77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateUserProcess        77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!RtlAllocateHeap            77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateProcessW          76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateProcessA          76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!VirtualProtect          76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!OpenFile                7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileW               7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileExW             76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileW               76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!DeleteFileW             7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!DeleteFileA             7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileWithProgressW   762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileExW             762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryExW          76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryW            76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryExA          762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryA            762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!GetProcAddress          7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!GetModuleHandleA        762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!GetModuleHandleW        7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateFileW             7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateFileA             7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileExA             76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileWithProgressA   76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileA               76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileA               762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileExA             762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!WinExec                 762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadModule              762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!OpenServiceA            77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!OpenServiceW            77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!CreateServiceW          77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!CreateServiceA          77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] USER32.dll!EndTask                   7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteW            764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteExW          7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteEx           766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteA            766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ole32.dll!CoGetClassObject           7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ole32.dll!CoCreateInstanceEx         76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] WININET.dll!InternetConnectA         7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] WININET.dll!InternetConnectW         7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!LdrLoadDll                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!LdrUnloadDll              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!LdrGetProcedureAddress    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtAllocateVirtualMemory   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtClose                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateFile              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateProcess           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateProcessEx         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtDeleteFile              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtFreeVirtualMemory       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtLoadDriver              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtOpenFile                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtProtectVirtualMemory    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtSetInformationProcess   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtUnloadDriver            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtWriteVirtualMemory      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateUserProcess       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!RtlAllocateHeap           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateProcessW         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateProcessA         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!VirtualProtect         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!OpenFile               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileW              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileExW            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileW              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!DeleteFileW            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!DeleteFileA            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileWithProgressW  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileExW            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryExW         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryW           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryExA         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryA           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!GetProcAddress         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!GetModuleHandleA       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!GetModuleHandleW       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateFileW            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateFileA            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileExA            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileWithProgressA  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileA              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileA              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileExA            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!WinExec                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadModule             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!OpenServiceA           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!OpenServiceW           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!CreateServiceW         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!CreateServiceA         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] USER32.dll!EndTask                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteW           764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteExW         7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteEx          766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteA           766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ole32.dll!CoGetClassObject          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ole32.dll!CoCreateInstanceEx        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                                                                           [74B97817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                                                                            [74BEA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                                                                        [74B9BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                                                                                  [74B8F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                                                                            [74B975E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                                                                         [74B8E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                                                                             [74BC8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                                                                                [74B9DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                                                                        [74B8FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                                                                         [74B8FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                                                                          [74B871CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                                                                                  [74C1CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                                                                                     [74BBC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                                                                        [74B8D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                                                                                  [74B86853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                                                                                 [74B8687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                                                                                    [74B92AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                                                                                                     [00482300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread]                                                                                         [00481B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                                                                                                   [00482690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                                                                                                     [00481290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                                                                                [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                                                                                  [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW]                                                                                  [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA]                                                                              [00443D00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                                                                                  [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                                                                              [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]                                                                                [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA]                                                                            [00443D00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]                                                                              [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                                                                                [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW]                                                                                [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                                                                                [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                                                                                  [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW]                                                                                  [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                                                                                  [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                                                                                 [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                                                                                 [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA]                                                                             [00443D00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]                                                                               [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                                                                                 [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                                                                               [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [GDI32.dll!DeleteObject]                                                                                    [00442EB0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetSysColor]                                                                                    [00442E60] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!RegisterClassW]                                                                                 [00443880] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!RegisterClassA]                                                                                 [004437C0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW]                                                                                 [00443320] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA]                                                                                 [00443290] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                                                                               [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                                                                                 [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                                                                               [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                                                                                 [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                                                                                 [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!DeleteObject]                                                                                    [00442EB0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx]                                                                             [00443A20] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CallWindowProcW]                                                                                [00443150] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetScrollInfo]                                                                                  [004430E0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW]                                                                          [00443940] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DrawEdge]                                                                                       [00443B80] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DrawFrameControl]                                                                               [00443BA0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColorBrush]                                                                               [00442EF0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColor]                                                                                    [00442E60] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!RegisterClassW]                                                                                 [00443880] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect]                                                                                       [00443B30] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DefWindowProcW]                                                                                 [00443320] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetScrollInfo]                                                                                  [00442FD0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [GDI32.dll!DeleteObject]                                                                                      [00442EB0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread]                                                                                   [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                                                                                 [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                                                                                   [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                                                                                   [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                                                                                 [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!SystemParametersInfoW]                                                                            [00443940] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!GetSysColor]                                                                                      [00442E60] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!CallWindowProcW]                                                                                  [00443150] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!RegisterClassW]                                                                                   [00443880] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!DefWindowProcW]                                                                                   [00443320] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                                                                                         Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                                                                                         Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                                                                                         cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice  \Driver\tdx \Device\Udp                                                                                                                                                                         cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice  \Driver\tdx \Device\RawIp                                                                                                                                                                       cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- Processes - GMER 1.0.15 ----

Process         hidden process (*** hidden *** )                                                                                                                                                                4908                                                                                                                                                                 
Process         hidden process (*** hidden *** )                                                                                                                                                                4948                                                                                                                                                                 
Process         hidden process (*** hidden *** )                                                                                                                                                                17628                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                19600                                                                                                                                                                
Process         wmpnscfg.exe (*** hidden *** )                                                                                                                                                                  26248                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                36456                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                36484                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                36512                                                                                                                                                                

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                                                                 78733

---- EOF - GMER 1.0.15 ----
ivant87 è offline   Rispondi citando il messaggio o parte di esso
Old 08-04-2010, 12:51   #308
ivant87
Junior Member
 
Iscritto dal: Apr 2010
Messaggi: 30
Ciao, qualcuno potrebbe dare uno sguardo al mio LOG di gmer?

Anche Avira (nella scansione antirootkit approfondita) mi rileva delle voci nascoste ma poi non trova nulla di malevolo;

Invece Gmer mi allerta dicendo che trova modifiche attribuibili a modifiche da rootkits ed evidenzia in rosso dei processi (variabili in muero da 4 in su)

Le voci che mi preoccupano sono queste:
---- Processes - GMER 1.0.15 ----

Process hidden process (*** hidden *** ) 4908
Process hidden process (*** hidden *** ) 4948
Process hidden process (*** hidden *** ) 17628
Process hidden process (*** hidden *** ) 19600
Process wmpnscfg.exe (*** hidden *** ) 26248
Process hidden process (*** hidden *** ) 36456
Process hidden process (*** hidden *** ) 36484
Process hidden process (*** hidden *** ) 36512

Se qualcuno potesse dargli un'occhiata gliene sarei grato


Codice:
GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2010-04-08 06:47:19
Windows 6.0.6002 Service Pack 2
Running: 3zc9qcqt.exe; Driver: C:\Users\IVAN\AppData\Local\Temp\fxtdapod.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwAdjustPrivilegesToken [0x8FB03F8E]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwAlpcConnectPort [0x8FB04F5C]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwAlpcCreatePort [0x8FB04174]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                                                                          ZwAssignProcessToJobObject [0x8FFF1464]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwConnectPort [0x8FB033FA]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwCreateFile [0x8FEB1952]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreatePort [0x8FB032DC]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreateSection [0x8FB03A82]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreateSymbolicLinkObject [0x8FB04C16]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwCreateThread [0x8FEB1158]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwDeleteKey [0x8FEB1740]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwDeleteValueKey [0x8FEB1612]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwDuplicateObject [0x8FB02CD4]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwLoadDriver [0x8FEB0F8E]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwMakeTemporaryObject [0x8FB0367E]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwMapViewOfSection [0x8FEB0D30]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenFile [0x8FEB1C38]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenKey [0x8FEB190C]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenProcess [0x8FEB127A]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenSection [0x8FEB13E0]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwOpenThread [0x8FEB132A]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                                                                          ZwProtectVirtualMemory [0x8FFF152A]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwQueueApcThread [0x8FEB1208]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwRequestWaitReplyPort [0x8FB053C6]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSecureConnectPort [0x8FEB1D66]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSetContextThread [0x8FEB0CC2]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSetSystemInformation [0x8FEB10EA]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwSetValueKey [0x8FEB180C]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwShutdownSystem [0x8FB03618]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwSystemDebugControl [0x8FB03802]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwTerminateProcess [0x8FEB14F8]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                                                                          ZwTerminateThread [0x8FFF15AE]
SSDT            \??\C:\Program Files\AntiLogger\AntiLog32.sys                                                                                                                                                   ZwWriteVirtualMemory [0x8FEB0BF4]
SSDT            \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                                      ZwCreateThreadEx [0x8FB04280]

Code            89A21B0C                                                                                                                                                                                        ZwTraceEvent
Code            89A21B0B                                                                                                                                                                                        NtTraceEvent

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!NtTraceEvent                                                                                                                                                                       82472376 5 Bytes  JMP 89A21B10 
.text           ntkrnlpa.exe!KeSetEvent + 119                                                                                                                                                                   824F387C 4 Bytes  [8E, 3F, B0, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 13D                                                                                                                                                                   824F38A0 8 Bytes  [5C, 4F, B0, 8F, 74, 41, B0, ...] {POP ESP; DEC EDI; MOV AL, 0x8f; JZ 0x47; MOV AL, 0x8f}
.text           ntkrnlpa.exe!KeSetEvent + 191                                                                                                                                                                   824F38F4 4 Bytes  [64, 14, FF, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 1C1                                                                                                                                                                   824F3924 4 Bytes  [FA, 33, B0, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 1D9                                                                                                                                                                   824F393C 4 Bytes  [52, 19, EB, 8F]
.text           ...                                                                                                                                                                                             
PAGE            ntkrnlpa.exe!NtRequestPort + 2                                                                                                                                                                  82652E5A 5 Bytes  JMP 89A21BB0 
PAGE            ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 2                                                                                                                                                      826843DB 5 Bytes  JMP 89A21CF0 
?               C:\Users\IVAN\AppData\Local\Temp\aswArKrn.sys                                                                                                                                                   Impossibile trovare il file specificato. !

---- User code sections - GMER 1.0.15 ----

.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteW                                                                                                                                  764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteExW                                                                                                                                7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteEx                                                                                                                                 766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] SHELL32.dll!ShellExecuteA                                                                                                                                  766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ole32.dll!CoGetClassObject                                                                                                                                 7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[220] ole32.dll!CoCreateInstanceEx                                                                                                                               76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] WS2_32.dll!WSASocketW                                                                                                                                      77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] WS2_32.dll!WSASocketA                                                                                                                                      77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ole32.dll!CoGetClassObject                                                                                                                                 7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\spoolsv.exe[376] ole32.dll!CoCreateInstanceEx                                                                                                                               76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!LdrLoadDll                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!LdrUnloadDll                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!LdrGetProcedureAddress                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtAllocateVirtualMemory                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtClose                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateFile                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateProcess                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateProcessEx                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtDeleteFile                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtFreeVirtualMemory                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtLoadDriver                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtOpenFile                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtProtectVirtualMemory                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtSetInformationProcess                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtUnloadDriver                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtWriteVirtualMemory                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!NtCreateUserProcess                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ntdll.dll!RtlAllocateHeap                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateProcessW                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateProcessA                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!VirtualProtect                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!OpenFile                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileW                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileExW                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileW                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!DeleteFileW                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!DeleteFileA                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileWithProgressW                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileExW                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryExW                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryW                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryExA                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadLibraryA                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!GetProcAddress                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!GetModuleHandleA                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!GetModuleHandleW                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateFileW                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CreateFileA                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileExA                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileWithProgressA                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileA                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!MoveFileA                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!CopyFileExA                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!WinExec                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] kernel32.dll!LoadModule                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!OpenServiceA                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!OpenServiceW                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!CreateServiceW                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] ADVAPI32.dll!CreateServiceA                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] WS2_32.dll!WSASocketW                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] WS2_32.dll!WSASocketA                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] USER32.dll!EndTask                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteW                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteExW                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteEx                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\sched.exe[520] SHELL32.dll!ShellExecuteA                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] WS2_32.dll!WSASocketW                                                                                                                                      77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wininit.exe[704] WS2_32.dll!WSASocketA                                                                                                                                      77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\services.exe[748] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!LdrLoadDll                                                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!LdrUnloadDll                                                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!LdrGetProcedureAddress                                                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtAllocateVirtualMemory                                                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtClose                                                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateFile                                                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateProcess                                                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateProcessEx                                                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtDeleteFile                                                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtFreeVirtualMemory                                                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtLoadDriver                                                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtOpenFile                                                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtProtectVirtualMemory                                                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtSetInformationProcess                                                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtUnloadDriver                                                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtWriteVirtualMemory                                                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!NtCreateUserProcess                                                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ntdll.dll!RtlAllocateHeap                                                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateProcessW                                                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateProcessA                                                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!VirtualProtect                                                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!OpenFile                                                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileW                                                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileExW                                                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileW                                                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!DeleteFileW                                                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!DeleteFileA                                                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileWithProgressW                                                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileExW                                                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryExW                                                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryW                                                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryExA                                                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadLibraryA                                                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!GetProcAddress                                                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!GetModuleHandleA                                                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!GetModuleHandleW                                                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateFileW                                                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CreateFileA                                                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileExA                                                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileWithProgressA                                                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileA                                                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!MoveFileA                                                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!CopyFileExA                                                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!WinExec                                                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] kernel32.dll!LoadModule                                                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!OpenServiceA                                                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!OpenServiceW                                                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!CreateServiceW                                                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] ADVAPI32.dll!CreateServiceA                                                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] USER32.dll!EndTask                                                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] WS2_32.dll!WSASocketW                                                                                                                                        77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsass.exe[760] WS2_32.dll!WSASocketA                                                                                                                                        77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!LdrLoadDll                                                                                                                                           77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!LdrUnloadDll                                                                                                                                         77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!LdrGetProcedureAddress                                                                                                                               77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtAllocateVirtualMemory                                                                                                                              77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtClose                                                                                                                                              77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateFile                                                                                                                                         77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateProcess                                                                                                                                      77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateProcessEx                                                                                                                                    77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtDeleteFile                                                                                                                                         77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtFreeVirtualMemory                                                                                                                                  77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtLoadDriver                                                                                                                                         77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtOpenFile                                                                                                                                           77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtProtectVirtualMemory                                                                                                                               77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtSetInformationProcess                                                                                                                              77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtUnloadDriver                                                                                                                                       77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtWriteVirtualMemory                                                                                                                                 77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!NtCreateUserProcess                                                                                                                                  77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ntdll.dll!RtlAllocateHeap                                                                                                                                      77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateProcessW                                                                                                                                    76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateProcessA                                                                                                                                    76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!VirtualProtect                                                                                                                                    76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!OpenFile                                                                                                                                          7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileW                                                                                                                                         7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileExW                                                                                                                                       76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileW                                                                                                                                         76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!DeleteFileW                                                                                                                                       7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!DeleteFileA                                                                                                                                       7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileWithProgressW                                                                                                                             762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileExW                                                                                                                                       762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryExW                                                                                                                                    76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryW                                                                                                                                      76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryExA                                                                                                                                    762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadLibraryA                                                                                                                                      762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!GetProcAddress                                                                                                                                    7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!GetModuleHandleA                                                                                                                                  762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!GetModuleHandleW                                                                                                                                  7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateFileW                                                                                                                                       7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CreateFileA                                                                                                                                       7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileExA                                                                                                                                       76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileWithProgressA                                                                                                                             76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileA                                                                                                                                         76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!MoveFileA                                                                                                                                         762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!CopyFileExA                                                                                                                                       762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!WinExec                                                                                                                                           762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] kernel32.dll!LoadModule                                                                                                                                        762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!OpenServiceA                                                                                                                                      77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!OpenServiceW                                                                                                                                      77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!CreateServiceW                                                                                                                                    77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] ADVAPI32.dll!CreateServiceA                                                                                                                                    77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\lsm.exe[768] USER32.dll!EndTask                                                                                                                                             7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteW                                                                                                                                  764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteExW                                                                                                                                7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteEx                                                                                                                                 766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[964] SHELL32.dll!ShellExecuteA                                                                                                                                  766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!LdrLoadDll                                                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!LdrUnloadDll                                                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!LdrGetProcedureAddress                                                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtAllocateVirtualMemory                                                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtClose                                                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateFile                                                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateProcess                                                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateProcessEx                                                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtDeleteFile                                                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtFreeVirtualMemory                                                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtLoadDriver                                                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtOpenFile                                                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtProtectVirtualMemory                                                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtSetInformationProcess                                                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtUnloadDriver                                                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtWriteVirtualMemory                                                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!NtCreateUserProcess                                                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ntdll.dll!RtlAllocateHeap                                                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateProcessW                                                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateProcessA                                                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!VirtualProtect                                                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!OpenFile                                                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileW                                                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileExW                                                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileW                                                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!DeleteFileW                                                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!DeleteFileA                                                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileWithProgressW                                                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileExW                                                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryExW                                                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryW                                                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryExA                                                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadLibraryA                                                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!GetProcAddress                                                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!GetModuleHandleA                                                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!GetModuleHandleW                                                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateFileW                                                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CreateFileA                                                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileExA                                                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileWithProgressA                                                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileA                                                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!MoveFileA                                                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!CopyFileExA                                                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!WinExec                                                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] kernel32.dll!LoadModule                                                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] USER32.dll!EndTask                                                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!OpenServiceA                                                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!OpenServiceW                                                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!CreateServiceW                                                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] ADVAPI32.dll!CreateServiceA                                                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteW                                                                                                                                  764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteExW                                                                                                                                7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteEx                                                                                                                                 766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\nvvsvc.exe[1036] SHELL32.dll!ShellExecuteA                                                                                                                                  766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1068] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe[1120] ntdll.dll!NtAllocateVirtualMemory                                                                                           77BA4134 5 Bytes  JMP 0040FD50 C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1192] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1296] shell32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1328] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[1332] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1344] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] KERNEL32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ole32.dll!CoGetClassObject                                                                                                             7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] ole32.dll!CoCreateInstanceEx                                                                                                           76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteW                                                                                                              764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteExW                                                                                                            7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteEx                                                                                                             766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\ePower\ePowerSvc.exe[1368] shell32.dll!ShellExecuteA                                                                                                              766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] kernel32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] WS2_32.dll!WSASocketW                                                                                                                 77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] WS2_32.dll!WSASocketA                                                                                                                 77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteW                                                                                                             764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteExW                                                                                                           7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteEx                                                                                                            766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE[1404] SHELL32.dll!ShellExecuteA                                                                                                             766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1444] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\rundll32.exe[1528] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] shell32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WinInet.dll!InternetConnectA                                                                                                                              7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[1560] WinInet.dll!InternetConnectW                                                                                                                              7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] WS2_32.dll!WSASocketW                                                                                                                               77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[1948] WS2_32.dll!WSASocketA                                                                                                                               77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!LdrLoadDll                                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!LdrUnloadDll                                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!LdrGetProcedureAddress                                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtAllocateVirtualMemory                                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtClose                                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateFile                                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateProcess                                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateProcessEx                                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtDeleteFile                                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtFreeVirtualMemory                                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtLoadDriver                                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtOpenFile                                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtProtectVirtualMemory                                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtSetInformationProcess                                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtUnloadDriver                                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtWriteVirtualMemory                                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!NtCreateUserProcess                                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ntdll.dll!RtlAllocateHeap                                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateProcessW                                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateProcessA                                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!VirtualProtect                                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!OpenFile                                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileW                                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileExW                                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileW                                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!DeleteFileW                                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!DeleteFileA                                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileWithProgressW                                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileExW                                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryExW                                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryW                                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryExA                                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadLibraryA                                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!GetProcAddress                                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!GetModuleHandleA                                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!GetModuleHandleW                                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateFileW                                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CreateFileA                                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileExA                                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileWithProgressA                                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileA                                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!MoveFileA                                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!CopyFileExA                                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!WinExec                                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] kernel32.dll!LoadModule                                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!OpenServiceA                                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!OpenServiceW                                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!CreateServiceW                                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ADVAPI32.dll!CreateServiceA                                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] USER32.dll!EndTask                                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ole32.dll!CoGetClassObject                                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\Dwm.exe[1984] ole32.dll!CoCreateInstanceEx                                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\WLANExt.exe[1992] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!LdrLoadDll                                                                                                                                              77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!LdrUnloadDll                                                                                                                                            77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!LdrGetProcedureAddress                                                                                                                                  77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtAllocateVirtualMemory                                                                                                                                 77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtClose                                                                                                                                                 77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateFile                                                                                                                                            77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateProcess                                                                                                                                         77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateProcessEx                                                                                                                                       77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtDeleteFile                                                                                                                                            77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtFreeVirtualMemory                                                                                                                                     77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtLoadDriver                                                                                                                                            77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtOpenFile                                                                                                                                              77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtProtectVirtualMemory                                                                                                                                  77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtSetInformationProcess                                                                                                                                 77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtUnloadDriver                                                                                                                                          77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtWriteVirtualMemory                                                                                                                                    77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!NtCreateUserProcess                                                                                                                                     77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ntdll.dll!RtlAllocateHeap                                                                                                                                         77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateProcessW                                                                                                                                       76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateProcessA                                                                                                                                       76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!VirtualProtect                                                                                                                                       76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!OpenFile                                                                                                                                             7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileW                                                                                                                                            7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileExW                                                                                                                                          76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileW                                                                                                                                            76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!DeleteFileW                                                                                                                                          7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!DeleteFileA                                                                                                                                          7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileWithProgressW                                                                                                                                762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileExW                                                                                                                                          762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryExW                                                                                                                                       76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryW                                                                                                                                         76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryExA                                                                                                                                       762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadLibraryA                                                                                                                                         762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!GetProcAddress                                                                                                                                       7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!GetModuleHandleA                                                                                                                                     762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!GetModuleHandleW                                                                                                                                     7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateFileW                                                                                                                                          7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CreateFileA                                                                                                                                          7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileExA                                                                                                                                          76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileWithProgressA                                                                                                                                76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileA                                                                                                                                            76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!MoveFileA                                                                                                                                            762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!CopyFileExA                                                                                                                                          762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!WinExec                                                                                                                                              762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] kernel32.dll!LoadModule                                                                                                                                           762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!OpenServiceA                                                                                                                                         77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!OpenServiceW                                                                                                                                         77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!CreateServiceW                                                                                                                                       77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ADVAPI32.dll!CreateServiceA                                                                                                                                       77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] USER32.dll!EndTask                                                                                                                                                7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteW                                                                                                                                         764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C9                                                                                                                      7651B364 4 Bytes  [F0, 1F, 48, 00]
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteExW                                                                                                                                       7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteEx                                                                                                                                        766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] SHELL32.dll!ShellExecuteA                                                                                                                                         766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ole32.dll!CoGetClassObject                                                                                                                                        7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\Explorer.EXE[2028] ole32.dll!CoCreateInstanceEx                                                                                                                                      76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!LdrLoadDll                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!LdrUnloadDll                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!LdrGetProcedureAddress                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtAllocateVirtualMemory                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtClose                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateFile                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateProcess                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateProcessEx                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtDeleteFile                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtFreeVirtualMemory                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtLoadDriver                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtOpenFile                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtProtectVirtualMemory                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtSetInformationProcess                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtUnloadDriver                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtWriteVirtualMemory                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!NtCreateUserProcess                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ntdll.dll!RtlAllocateHeap                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateProcessW                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateProcessA                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!VirtualProtect                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!OpenFile                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileW                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileExW                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileW                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!DeleteFileW                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!DeleteFileA                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileWithProgressW                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileExW                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryExW                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryW                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryExA                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadLibraryA                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!GetProcAddress                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!GetModuleHandleA                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!GetModuleHandleW                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateFileW                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CreateFileA                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileExA                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileWithProgressA                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileA                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!MoveFileA                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!CopyFileExA                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!WinExec                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] KERNEL32.dll!LoadModule                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!OpenServiceA                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!OpenServiceW                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!CreateServiceW                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ADVAPI32.dll!CreateServiceA                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] USER32.dll!EndTask                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteW                                                                                                    764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteExW                                                                                                  7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteEx                                                                                                   766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] shell32.dll!ShellExecuteA                                                                                                    766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ole32.dll!CoGetClassObject                                                                                                   7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe[2124] ole32.dll!CoCreateInstanceEx                                                                                                 76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteW                                                                                                              764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteExW                                                                                                            7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteEx                                                                                                             766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avguard.exe[2128] SHELL32.dll!ShellExecuteA                                                                                                              766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[2156] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!LdrLoadDll                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!LdrUnloadDll                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!LdrGetProcedureAddress                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtAllocateVirtualMemory                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtClose                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateFile                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateProcess                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateProcessEx                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtDeleteFile                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtFreeVirtualMemory                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtLoadDriver                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtOpenFile                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtProtectVirtualMemory                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtSetInformationProcess                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtUnloadDriver                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtWriteVirtualMemory                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!NtCreateUserProcess                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ntdll.dll!RtlAllocateHeap                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateProcessW                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateProcessA                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!VirtualProtect                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!OpenFile                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileW                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileExW                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileW                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!DeleteFileW                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!DeleteFileA                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileWithProgressW                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileExW                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryExW                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryW                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryExA                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadLibraryA                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!GetProcAddress                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!GetModuleHandleA                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!GetModuleHandleW                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateFileW                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CreateFileA                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileExA                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileWithProgressA                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileA                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!MoveFileA                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!CopyFileExA                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!WinExec                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] KERNEL32.dll!LoadModule                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!OpenServiceA                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!OpenServiceW                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!CreateServiceW                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ADVAPI32.dll!CreateServiceA                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] USER32.dll!EndTask                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteW                                                                                                    764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteExW                                                                                                  7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteEx                                                                                                   766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] shell32.dll!ShellExecuteA                                                                                                    766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ole32.dll!CoGetClassObject                                                                                                   7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe[2176] ole32.dll!CoCreateInstanceEx                                                                                                 76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!GetProcAddress                                                                                                                              7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] WS2_32.dll!WSASocketW                                                                                                                                    77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] WS2_32.dll!WSASocketA                                                                                                                                    77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2180] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!LdrLoadDll                                                                                                       77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!LdrUnloadDll                                                                                                     77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!LdrGetProcedureAddress                                                                                           77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtAllocateVirtualMemory                                                                                          77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtClose                                                                                                          77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateFile                                                                                                     77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateProcess                                                                                                  77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateProcessEx                                                                                                77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtDeleteFile                                                                                                     77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtFreeVirtualMemory                                                                                              77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtLoadDriver                                                                                                     77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtOpenFile                                                                                                       77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtProtectVirtualMemory                                                                                           77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtSetInformationProcess                                                                                          77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtUnloadDriver                                                                                                   77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtWriteVirtualMemory                                                                                             77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!NtCreateUserProcess                                                                                              77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ntdll.dll!RtlAllocateHeap                                                                                                  77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateProcessW                                                                                                76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateProcessA                                                                                                76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!VirtualProtect                                                                                                76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!OpenFile                                                                                                      7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileW                                                                                                     7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileExW                                                                                                   76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileW                                                                                                     76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!DeleteFileW                                                                                                   7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!DeleteFileA                                                                                                   7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileWithProgressW                                                                                         762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileExW                                                                                                   762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryExW                                                                                                76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryW                                                                                                  76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryExA                                                                                                762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadLibraryA                                                                                                  762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!GetProcAddress                                                                                                7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!GetModuleHandleA                                                                                              762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!GetModuleHandleW                                                                                              7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateFileW                                                                                                   7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CreateFileA                                                                                                   7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileExA                                                                                                   76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileWithProgressA                                                                                         76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileA                                                                                                     76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!MoveFileA                                                                                                     762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!CopyFileExA                                                                                                   762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!WinExec                                                                                                       762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] kernel32.dll!LoadModule                                                                                                    762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WS2_32.dll!WSASocketW                                                                                                      77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WS2_32.dll!WSASocketA                                                                                                      77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!OpenServiceA                                                                                                  77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!OpenServiceW                                                                                                  77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!CreateServiceW                                                                                                77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ADVAPI32.dll!CreateServiceA                                                                                                77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WININET.dll!InternetConnectA                                                                                               7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] WININET.dll!InternetConnectW                                                                                               7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] USER32.dll!EndTask                                                                                                         7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ole32.dll!CoGetClassObject                                                                                                 7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2368] ole32.dll!CoCreateInstanceEx                                                                                               76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!LdrLoadDll                                                                                                            77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!LdrUnloadDll                                                                                                          77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!LdrGetProcedureAddress                                                                                                77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtAllocateVirtualMemory                                                                                               77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtClose                                                                                                               77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateFile                                                                                                          77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateProcess                                                                                                       77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateProcessEx                                                                                                     77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtDeleteFile                                                                                                          77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtFreeVirtualMemory                                                                                                   77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtLoadDriver                                                                                                          77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtOpenFile                                                                                                            77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtProtectVirtualMemory                                                                                                77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtSetInformationProcess                                                                                               77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtUnloadDriver                                                                                                        77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtWriteVirtualMemory                                                                                                  77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!NtCreateUserProcess                                                                                                   77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ntdll.dll!RtlAllocateHeap                                                                                                       77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateProcessW                                                                                                     76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateProcessA                                                                                                     76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!VirtualProtect                                                                                                     76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!OpenFile                                                                                                           7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileW                                                                                                          7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileExW                                                                                                        76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileW                                                                                                          76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!DeleteFileW                                                                                                        7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!DeleteFileA                                                                                                        7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileWithProgressW                                                                                              762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileExW                                                                                                        762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryExW                                                                                                     76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryW                                                                                                       76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryExA                                                                                                     762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadLibraryA                                                                                                       762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!GetProcAddress                                                                                                     7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!GetModuleHandleA                                                                                                   762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!GetModuleHandleW                                                                                                   7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateFileW                                                                                                        7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CreateFileA                                                                                                        7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileExA                                                                                                        76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileWithProgressA                                                                                              76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileA                                                                                                          76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!MoveFileA                                                                                                          762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!CopyFileExA                                                                                                        762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!WinExec                                                                                                            762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] KERNEL32.dll!LoadModule                                                                                                         762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!OpenServiceA                                                                                                       77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!OpenServiceW                                                                                                       77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!CreateServiceW                                                                                                     77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ADVAPI32.dll!CreateServiceA                                                                                                     77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] USER32.dll!EndTask                                                                                                              7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteW                                                                                                       764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteExW                                                                                                     7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteEx                                                                                                      766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] shell32.dll!ShellExecuteA                                                                                                       766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ole32.dll!CoGetClassObject                                                                                                      7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[2424] ole32.dll!CoCreateInstanceEx                                                                                                    76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!GetProcAddress                                                                                                                              7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] WS2_32.dll!WSASocketW                                                                                                                                    77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] WS2_32.dll!WSASocketA                                                                                                                                    77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Prevx\prevx.exe[2508] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!LdrLoadDll                                                                                                                        77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!LdrUnloadDll                                                                                                                      77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!LdrGetProcedureAddress                                                                                                            77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtAllocateVirtualMemory                                                                                                           77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtClose                                                                                                                           77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateFile                                                                                                                      77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateProcess                                                                                                                   77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateProcessEx                                                                                                                 77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtDeleteFile                                                                                                                      77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtFreeVirtualMemory                                                                                                               77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtLoadDriver                                                                                                                      77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtOpenFile                                                                                                                        77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtProtectVirtualMemory                                                                                                            77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtSetInformationProcess                                                                                                           77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtUnloadDriver                                                                                                                    77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtWriteVirtualMemory                                                                                                              77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!NtCreateUserProcess                                                                                                               77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ntdll.dll!RtlAllocateHeap                                                                                                                   77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateProcessW                                                                                                                 76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateProcessA                                                                                                                 76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!VirtualProtect                                                                                                                 76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!OpenFile                                                                                                                       7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileW                                                                                                                      7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileExW                                                                                                                    76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileW                                                                                                                      76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!DeleteFileW                                                                                                                    7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!DeleteFileA                                                                                                                    7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileWithProgressW                                                                                                          762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileExW                                                                                                                    762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryExW                                                                                                                 76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryW                                                                                                                   76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryExA                                                                                                                 762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadLibraryA                                                                                                                   762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!GetProcAddress                                                                                                                 7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!GetModuleHandleA                                                                                                               762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!GetModuleHandleW                                                                                                               7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateFileW                                                                                                                    7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CreateFileA                                                                                                                    7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileExA                                                                                                                    76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileWithProgressA                                                                                                          76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileA                                                                                                                      76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!MoveFileA                                                                                                                      762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!CopyFileExA                                                                                                                    762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!WinExec                                                                                                                        762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] kernel32.dll!LoadModule                                                                                                                     762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!OpenServiceA                                                                                                                   77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!OpenServiceW                                                                                                                   77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!CreateServiceW                                                                                                                 77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ADVAPI32.dll!CreateServiceA                                                                                                                 77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] USER32.dll!EndTask                                                                                                                          7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteW                                                                                                                   764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteExW                                                                                                                 7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteEx                                                                                                                  766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] SHELL32.dll!ShellExecuteA                                                                                                                   766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ole32.dll!CoGetClassObject                                                                                                                  7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Defender\MSASCui.exe[2536] ole32.dll!CoCreateInstanceEx                                                                                                                76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!LdrLoadDll                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!LdrUnloadDll                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!LdrGetProcedureAddress                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtAllocateVirtualMemory                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtClose                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateFile                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateProcess                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateProcessEx                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtDeleteFile                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtFreeVirtualMemory                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtLoadDriver                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtOpenFile                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtProtectVirtualMemory                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtSetInformationProcess                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtUnloadDriver                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtWriteVirtualMemory                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!NtCreateUserProcess                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ntdll.dll!RtlAllocateHeap                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateProcessW                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateProcessA                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!VirtualProtect                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!OpenFile                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileW                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileExW                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileW                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!DeleteFileW                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!DeleteFileA                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileWithProgressW                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileExW                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryExW                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryW                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryExA                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadLibraryA                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!GetProcAddress                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!GetModuleHandleA                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!GetModuleHandleW                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateFileW                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CreateFileA                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileExA                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileWithProgressA                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileA                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!MoveFileA                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!CopyFileExA                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!WinExec                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] kernel32.dll!LoadModule                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] USER32.dll!EndTask                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!OpenServiceA                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!OpenServiceW                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!CreateServiceW                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ADVAPI32.dll!CreateServiceA                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteW                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteExW                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteEx                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] SHELL32.dll!ShellExecuteA                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ole32.dll!CoGetClassObject                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPStart.exe[2544] ole32.dll!CoCreateInstanceEx                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!LdrLoadDll                                                                                                        77B69390 5 Bytes  JMP 01A34550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!LdrUnloadDll                                                                                                      77B7BA50 7 Bytes  JMP 01A381E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!LdrGetProcedureAddress                                                                                            77B85A88 5 Bytes  JMP 01A319F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtAllocateVirtualMemory                                                                                           77BA4134 5 Bytes  JMP 01A31950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtClose                                                                                                           77BA4314 5 Bytes  JMP 01A382B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateFile                                                                                                      77BA43D4 5 Bytes  JMP 01A318D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateProcess                                                                                                   77BA4494 5 Bytes  JMP 01A31890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateProcessEx                                                                                                 77BA44A4 5 Bytes  JMP 01A319B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtDeleteFile                                                                                                      77BA47B4 5 Bytes  JMP 01A31910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtFreeVirtualMemory                                                                                               77BA4944 5 Bytes  JMP 01A31A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtLoadDriver                                                                                                      77BA4A64 5 Bytes  JMP 01A31970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtOpenFile                                                                                                        77BA4BB4 5 Bytes  JMP 01A318F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtProtectVirtualMemory                                                                                            77BA4D34 5 Bytes  JMP 01A31930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtSetInformationProcess                                                                                           77BA5324 5 Bytes  JMP 01A319D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtUnloadDriver                                                                                                    77BA5574 5 Bytes  JMP 01A31990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtWriteVirtualMemory                                                                                              77BA5674 5 Bytes  JMP 01A318B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!NtCreateUserProcess                                                                                               77BA5804 5 Bytes  JMP 01A37040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ntdll.dll!RtlAllocateHeap                                                                                                   77BA6570 5 Bytes  JMP 01A31A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateProcessW                                                                                                 76221BF3 5 Bytes  JMP 01A31A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateProcessA                                                                                                 76221C28 5 Bytes  JMP 01A31A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!VirtualProtect                                                                                                 76221DC3 5 Bytes  JMP 01A31D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!OpenFile                                                                                                       7622355A 5 Bytes  JMP 01A31B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileW                                                                                                      7622A2F2 5 Bytes  JMP 01A31C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileExW                                                                                                    76230211 7 Bytes  JMP 01A31BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileW                                                                                                      76230299 5 Bytes  JMP 01A31B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!DeleteFileW                                                                                                    7623F4B6 5 Bytes  JMP 01A31CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!DeleteFileA                                                                                                    7623F5D2 5 Bytes  JMP 01A31CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileWithProgressW                                                                                          762410A4 5 Bytes  JMP 01A31C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileExW                                                                                                    762410C8 5 Bytes  JMP 01A31C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryExW                                                                                                 76249109 7 Bytes  JMP 01A31AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryW                                                                                                   76249362 5 Bytes  JMP 01A31D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryExA                                                                                                 762494B4 5 Bytes  JMP 01A31AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadLibraryA                                                                                                   762494DC 5 Bytes  JMP 01A31D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!GetProcAddress                                                                                                 7626903B 5 Bytes  JMP 01A31A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!GetModuleHandleA                                                                                               762692A5 5 Bytes  JMP 01A31CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!GetModuleHandleW                                                                                               7626A804 5 Bytes  JMP 01A31D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateFileW                                                                                                    7626AECB 5 Bytes  JMP 01A31B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CreateFileA                                                                                                    7626CE5F 5 Bytes  JMP 01A31B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileExA                                                                                                    76270F0A 5 Bytes  JMP 01A31C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileWithProgressA                                                                                          76270F2A 5 Bytes  JMP 01A31C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileA                                                                                                      76272433 5 Bytes  JMP 01A31B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!MoveFileA                                                                                                      762AF641 5 Bytes  JMP 01A31BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!CopyFileExA                                                                                                    762B19F9 5 Bytes  JMP 01A31BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!WinExec                                                                                                        762B5CF7 5 Bytes  JMP 01A31D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] kernel32.dll!LoadModule                                                                                                     762B5E4F 5 Bytes  JMP 01A31AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!OpenServiceA                                                                                                   77CF2EBD 7 Bytes  JMP 01A31640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!OpenServiceW                                                                                                   77CF8354 7 Bytes  JMP 01A31480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!CreateServiceW                                                                                                 77D19EB4 7 Bytes  JMP 01A31250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ADVAPI32.dll!CreateServiceA                                                                                                 77D572A1 7 Bytes  JMP 01A31000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] USER32.dll!EndTask                                                                                                          7790AD32 5 Bytes  JMP 01A37E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteW                                                                                                   764F9725 5 Bytes  JMP 01A31DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteExW                                                                                                 7654C135 5 Bytes  JMP 01A31E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteEx                                                                                                  766F9FE2 5 Bytes  JMP 01A31DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] SHELL32.dll!ShellExecuteA                                                                                                   766FA07D 5 Bytes  JMP 01A31DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ole32.dll!CoGetClassObject                                                                                                  7633FABC 5 Bytes  JMP 01A37D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] ole32.dll!CoCreateInstanceEx                                                                                                76359EE9 5 Bytes  JMP 01A37BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WININET.dll!InternetConnectA                                                                                                7744DEAE 5 Bytes  JMP 01A31E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WININET.dll!InternetConnectW                                                                                                7744F862 5 Bytes  JMP 01A31E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WS2_32.dll!WSASocketW                                                                                                       77C834EB 7 Bytes  JMP 01A31E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[2556] WS2_32.dll!WSASocketA                                                                                                       77C88FA9 5 Bytes  JMP 01A31E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!LdrLoadDll                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!LdrUnloadDll                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!LdrGetProcedureAddress                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtAllocateVirtualMemory                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtClose                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateFile                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateProcess                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateProcessEx                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtDeleteFile                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtFreeVirtualMemory                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtLoadDriver                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtOpenFile                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtProtectVirtualMemory                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtSetInformationProcess                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtUnloadDriver                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtWriteVirtualMemory                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!NtCreateUserProcess                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ntdll.dll!RtlAllocateHeap                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateProcessW                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateProcessA                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!VirtualProtect                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!OpenFile                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileW                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileExW                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileW                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!DeleteFileW                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!DeleteFileA                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileWithProgressW                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileExW                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryExW                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryW                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryExA                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadLibraryA                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!GetProcAddress                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!GetModuleHandleA                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!GetModuleHandleW                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateFileW                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CreateFileA                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileExA                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileWithProgressA                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileA                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!MoveFileA                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!CopyFileExA                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!WinExec                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] kernel32.dll!LoadModule                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] USER32.dll!EndTask                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!OpenServiceA                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!OpenServiceW                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!CreateServiceW                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ADVAPI32.dll!CreateServiceA                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ole32.dll!CoGetClassObject                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] ole32.dll!CoCreateInstanceEx                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteW                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteExW                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteEx                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eAudio\eAudio.exe[2600] SHELL32.dll!ShellExecuteA                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!LdrLoadDll                                                                                                     77B69390 5 Bytes  JMP 00334550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!LdrUnloadDll                                                                                                   77B7BA50 7 Bytes  JMP 003381E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!LdrGetProcedureAddress                                                                                         77B85A88 5 Bytes  JMP 003319F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtAllocateVirtualMemory                                                                                        77BA4134 5 Bytes  JMP 00331950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtClose                                                                                                        77BA4314 5 Bytes  JMP 003382B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateFile                                                                                                   77BA43D4 5 Bytes  JMP 003318D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateProcess                                                                                                77BA4494 5 Bytes  JMP 00331890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateProcessEx                                                                                              77BA44A4 5 Bytes  JMP 003319B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtDeleteFile                                                                                                   77BA47B4 5 Bytes  JMP 00331910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtFreeVirtualMemory                                                                                            77BA4944 5 Bytes  JMP 00331A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtLoadDriver                                                                                                   77BA4A64 5 Bytes  JMP 00331970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtOpenFile                                                                                                     77BA4BB4 5 Bytes  JMP 003318F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtProtectVirtualMemory                                                                                         77BA4D34 5 Bytes  JMP 00331930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtSetInformationProcess                                                                                        77BA5324 5 Bytes  JMP 003319D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtUnloadDriver                                                                                                 77BA5574 5 Bytes  JMP 00331990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtWriteVirtualMemory                                                                                           77BA5674 5 Bytes  JMP 003318B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!NtCreateUserProcess                                                                                            77BA5804 5 Bytes  JMP 00337040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ntdll.dll!RtlAllocateHeap                                                                                                77BA6570 5 Bytes  JMP 00331A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateProcessW                                                                                              76221BF3 5 Bytes  JMP 00331A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateProcessA                                                                                              76221C28 5 Bytes  JMP 00331A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!VirtualProtect                                                                                              76221DC3 5 Bytes  JMP 00331D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!OpenFile                                                                                                    7622355A 5 Bytes  JMP 00331B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileW                                                                                                   7622A2F2 5 Bytes  JMP 00331C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileExW                                                                                                 76230211 7 Bytes  JMP 00331BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileW                                                                                                   76230299 5 Bytes  JMP 00331B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!DeleteFileW                                                                                                 7623F4B6 5 Bytes  JMP 00331CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!DeleteFileA                                                                                                 7623F5D2 5 Bytes  JMP 00331CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileWithProgressW                                                                                       762410A4 5 Bytes  JMP 00331C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileExW                                                                                                 762410C8 5 Bytes  JMP 00331C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryExW                                                                                              76249109 7 Bytes  JMP 00331AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryW                                                                                                76249362 5 Bytes  JMP 00331D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryExA                                                                                              762494B4 5 Bytes  JMP 00331AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadLibraryA                                                                                                762494DC 5 Bytes  JMP 00331D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!GetProcAddress                                                                                              7626903B 5 Bytes  JMP 00331A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!GetModuleHandleA                                                                                            762692A5 5 Bytes  JMP 00331CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!GetModuleHandleW                                                                                            7626A804 5 Bytes  JMP 00331D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateFileW                                                                                                 7626AECB 5 Bytes  JMP 00331B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CreateFileA                                                                                                 7626CE5F 5 Bytes  JMP 00331B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileExA                                                                                                 76270F0A 5 Bytes  JMP 00331C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileWithProgressA                                                                                       76270F2A 5 Bytes  JMP 00331C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileA                                                                                                   76272433 5 Bytes  JMP 00331B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!MoveFileA                                                                                                   762AF641 5 Bytes  JMP 00331BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!CopyFileExA                                                                                                 762B19F9 5 Bytes  JMP 00331BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!WinExec                                                                                                     762B5CF7 5 Bytes  JMP 00331D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] kernel32.dll!LoadModule                                                                                                  762B5E4F 5 Bytes  JMP 00331AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] USER32.dll!EndTask                                                                                                       7790AD32 5 Bytes  JMP 00337E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!OpenServiceA                                                                                                77CF2EBD 7 Bytes  JMP 00331640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!OpenServiceW                                                                                                77CF8354 7 Bytes  JMP 00331480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!CreateServiceW                                                                                              77D19EB4 7 Bytes  JMP 00331250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ADVAPI32.dll!CreateServiceA                                                                                              77D572A1 7 Bytes  JMP 00331000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteW                                                                                                764F9725 5 Bytes  JMP 00331DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteExW                                                                                              7654C135 5 Bytes  JMP 00331E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteEx                                                                                               766F9FE2 5 Bytes  JMP 00331DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] SHELL32.dll!ShellExecuteA                                                                                                766FA07D 5 Bytes  JMP 00331DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ole32.dll!CoGetClassObject                                                                                               7633FABC 5 Bytes  JMP 00337D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[2632] ole32.dll!CoCreateInstanceEx                                                                                             76359EE9 5 Bytes  JMP 00337BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] WS2_32.dll!WSASocketW                                                                                                                               77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\wmiprvse.exe[2664] WS2_32.dll!WSASocketA                                                                                                                               77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!LdrLoadDll                                                                                                                                              77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!LdrUnloadDll                                                                                                                                            77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!LdrGetProcedureAddress                                                                                                                                  77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtAllocateVirtualMemory                                                                                                                                 77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtClose                                                                                                                                                 77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateFile                                                                                                                                            77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateProcess                                                                                                                                         77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateProcessEx                                                                                                                                       77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtDeleteFile                                                                                                                                            77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtFreeVirtualMemory                                                                                                                                     77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtLoadDriver                                                                                                                                            77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtOpenFile                                                                                                                                              77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtProtectVirtualMemory                                                                                                                                  77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtSetInformationProcess                                                                                                                                 77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtUnloadDriver                                                                                                                                          77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtWriteVirtualMemory                                                                                                                                    77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!NtCreateUserProcess                                                                                                                                     77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ntdll.dll!RtlAllocateHeap                                                                                                                                         77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateProcessW                                                                                                                                       76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateProcessA                                                                                                                                       76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!VirtualProtect                                                                                                                                       76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!OpenFile                                                                                                                                             7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileW                                                                                                                                            7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileExW                                                                                                                                          76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileW                                                                                                                                            76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!DeleteFileW                                                                                                                                          7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!DeleteFileA                                                                                                                                          7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileWithProgressW                                                                                                                                762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileExW                                                                                                                                          762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryExW                                                                                                                                       76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryW                                                                                                                                         76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryExA                                                                                                                                       762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadLibraryA                                                                                                                                         762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!GetProcAddress                                                                                                                                       7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!GetModuleHandleA                                                                                                                                     762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!GetModuleHandleW                                                                                                                                     7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateFileW                                                                                                                                          7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CreateFileA                                                                                                                                          7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileExA                                                                                                                                          76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileWithProgressA                                                                                                                                76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileA                                                                                                                                            76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!MoveFileA                                                                                                                                            762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!CopyFileExA                                                                                                                                          762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!WinExec                                                                                                                                              762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] kernel32.dll!LoadModule                                                                                                                                           762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!OpenServiceA                                                                                                                                         77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!OpenServiceW                                                                                                                                         77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!CreateServiceW                                                                                                                                       77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ADVAPI32.dll!CreateServiceA                                                                                                                                       77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] USER32.dll!EndTask                                                                                                                                                7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ole32.dll!CoGetClassObject                                                                                                                                        7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] ole32.dll!CoCreateInstanceEx                                                                                                                                      76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteW                                                                                                                                         764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteExW                                                                                                                                       7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteEx                                                                                                                                        766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\RtHDVCpl.exe[2668] SHELL32.dll!ShellExecuteA                                                                                                                                         766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] KERNEL32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] WS2_32.dll!WSASocketW                                                                                                                 77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] WS2_32.dll!WSASocketA                                                                                                                 77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteW                                                                                                             764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteExW                                                                                                           7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteEx                                                                                                            766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Empowering Technology\eNet\eNet Service.exe[2696] SHELL32.dll!ShellExecuteA                                                                                                             766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!LdrLoadDll                                                                                                                           77B69390 5 Bytes  JMP 00674550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!LdrUnloadDll                                                                                                                         77B7BA50 7 Bytes  JMP 006781E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!LdrGetProcedureAddress                                                                                                               77B85A88 5 Bytes  JMP 006719F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtAllocateVirtualMemory                                                                                                              77BA4134 5 Bytes  JMP 00671950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtClose                                                                                                                              77BA4314 5 Bytes  JMP 006782B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateFile                                                                                                                         77BA43D4 5 Bytes  JMP 006718D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateProcess                                                                                                                      77BA4494 5 Bytes  JMP 00671890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateProcessEx                                                                                                                    77BA44A4 5 Bytes  JMP 006719B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtDeleteFile                                                                                                                         77BA47B4 5 Bytes  JMP 00671910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtFreeVirtualMemory                                                                                                                  77BA4944 5 Bytes  JMP 00671A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtLoadDriver                                                                                                                         77BA4A64 5 Bytes  JMP 00671970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtOpenFile                                                                                                                           77BA4BB4 5 Bytes  JMP 006718F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtProtectVirtualMemory                                                                                                               77BA4D34 5 Bytes  JMP 00671930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtSetInformationProcess                                                                                                              77BA5324 5 Bytes  JMP 006719D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtUnloadDriver                                                                                                                       77BA5574 5 Bytes  JMP 00671990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtWriteVirtualMemory                                                                                                                 77BA5674 5 Bytes  JMP 006718B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!NtCreateUserProcess                                                                                                                  77BA5804 5 Bytes  JMP 00677040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ntdll.dll!RtlAllocateHeap                                                                                                                      77BA6570 5 Bytes  JMP 00671A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateProcessW                                                                                                                    76221BF3 5 Bytes  JMP 00671A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateProcessA                                                                                                                    76221C28 5 Bytes  JMP 00671A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!VirtualProtect                                                                                                                    76221DC3 5 Bytes  JMP 00671D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!OpenFile                                                                                                                          7622355A 5 Bytes  JMP 00671B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileW                                                                                                                         7622A2F2 5 Bytes  JMP 00671C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileExW                                                                                                                       76230211 7 Bytes  JMP 00671BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileW                                                                                                                         76230299 5 Bytes  JMP 00671B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!DeleteFileW                                                                                                                       7623F4B6 5 Bytes  JMP 00671CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!DeleteFileA                                                                                                                       7623F5D2 5 Bytes  JMP 00671CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileWithProgressW                                                                                                             762410A4 5 Bytes  JMP 00671C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileExW                                                                                                                       762410C8 5 Bytes  JMP 00671C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryExW                                                                                                                    76249109 7 Bytes  JMP 00671AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryW                                                                                                                      76249362 5 Bytes  JMP 00671D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryExA                                                                                                                    762494B4 5 Bytes  JMP 00671AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadLibraryA                                                                                                                      762494DC 5 Bytes  JMP 00671D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!GetProcAddress                                                                                                                    7626903B 5 Bytes  JMP 00671A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!GetModuleHandleA                                                                                                                  762692A5 5 Bytes  JMP 00671CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!GetModuleHandleW                                                                                                                  7626A804 5 Bytes  JMP 00671D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateFileW                                                                                                                       7626AECB 5 Bytes  JMP 00671B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CreateFileA                                                                                                                       7626CE5F 5 Bytes  JMP 00671B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileExA                                                                                                                       76270F0A 5 Bytes  JMP 00671C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileWithProgressA                                                                                                             76270F2A 5 Bytes  JMP 00671C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileA                                                                                                                         76272433 5 Bytes  JMP 00671B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!MoveFileA                                                                                                                         762AF641 5 Bytes  JMP 00671BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!CopyFileExA                                                                                                                       762B19F9 5 Bytes  JMP 00671BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!WinExec                                                                                                                           762B5CF7 5 Bytes  JMP 00671D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] kernel32.dll!LoadModule                                                                                                                        762B5E4F 5 Bytes  JMP 00671AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!OpenServiceA                                                                                                                      77CF2EBD 7 Bytes  JMP 00671640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!OpenServiceW                                                                                                                      77CF8354 7 Bytes  JMP 00671480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!CreateServiceW                                                                                                                    77D19EB4 7 Bytes  JMP 00671250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ADVAPI32.dll!CreateServiceA                                                                                                                    77D572A1 7 Bytes  JMP 00671000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] USER32.dll!EndTask                                                                                                                             7790AD32 5 Bytes  JMP 00677E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteW                                                                                                                      764F9725 5 Bytes  JMP 00671DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteExW                                                                                                                    7654C135 5 Bytes  JMP 00671E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteEx                                                                                                                     766F9FE2 5 Bytes  JMP 00671DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] SHELL32.dll!ShellExecuteA                                                                                                                      766FA07D 5 Bytes  JMP 00671DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ole32.dll!CoGetClassObject                                                                                                                     7633FABC 5 Bytes  JMP 00677D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] ole32.dll!CoCreateInstanceEx                                                                                                                   76359EE9 5 Bytes  JMP 00677BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] WS2_32.dll!WSASocketW                                                                                                                          77C834EB 7 Bytes  JMP 00671E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2948] WS2_32.dll!WSASocketA                                                                                                                          77C88FA9 5 Bytes  JMP 00671E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!LdrLoadDll                                                                                                     77B69390 5 Bytes  JMP 003A4550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!LdrUnloadDll                                                                                                   77B7BA50 7 Bytes  JMP 003A81E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!LdrGetProcedureAddress                                                                                         77B85A88 5 Bytes  JMP 003A19F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtAllocateVirtualMemory                                                                                        77BA4134 5 Bytes  JMP 003A1950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtClose                                                                                                        77BA4314 5 Bytes  JMP 003A82B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateFile                                                                                                   77BA43D4 5 Bytes  JMP 003A18D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateProcess                                                                                                77BA4494 5 Bytes  JMP 003A1890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateProcessEx                                                                                              77BA44A4 5 Bytes  JMP 003A19B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtDeleteFile                                                                                                   77BA47B4 5 Bytes  JMP 003A1910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtFreeVirtualMemory                                                                                            77BA4944 5 Bytes  JMP 003A1A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtLoadDriver                                                                                                   77BA4A64 5 Bytes  JMP 003A1970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtOpenFile                                                                                                     77BA4BB4 5 Bytes  JMP 003A18F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtProtectVirtualMemory                                                                                         77BA4D34 5 Bytes  JMP 003A1930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtSetInformationProcess                                                                                        77BA5324 5 Bytes  JMP 003A19D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtUnloadDriver                                                                                                 77BA5574 5 Bytes  JMP 003A1990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtWriteVirtualMemory                                                                                           77BA5674 5 Bytes  JMP 003A18B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!NtCreateUserProcess                                                                                            77BA5804 5 Bytes  JMP 003A7040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ntdll.dll!RtlAllocateHeap                                                                                                77BA6570 5 Bytes  JMP 003A1A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateProcessW                                                                                              76221BF3 5 Bytes  JMP 003A1A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateProcessA                                                                                              76221C28 5 Bytes  JMP 003A1A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!VirtualProtect                                                                                              76221DC3 5 Bytes  JMP 003A1D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!OpenFile                                                                                                    7622355A 5 Bytes  JMP 003A1B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileW                                                                                                   7622A2F2 5 Bytes  JMP 003A1C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileExW                                                                                                 76230211 7 Bytes  JMP 003A1BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileW                                                                                                   76230299 5 Bytes  JMP 003A1B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!DeleteFileW                                                                                                 7623F4B6 5 Bytes  JMP 003A1CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!DeleteFileA                                                                                                 7623F5D2 5 Bytes  JMP 003A1CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileWithProgressW                                                                                       762410A4 5 Bytes  JMP 003A1C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileExW                                                                                                 762410C8 5 Bytes  JMP 003A1C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryExW                                                                                              76249109 7 Bytes  JMP 003A1AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryW                                                                                                76249362 5 Bytes  JMP 003A1D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryExA                                                                                              762494B4 5 Bytes  JMP 003A1AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadLibraryA                                                                                                762494DC 5 Bytes  JMP 003A1D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!GetProcAddress                                                                                              7626903B 5 Bytes  JMP 003A1A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!GetModuleHandleA                                                                                            762692A5 5 Bytes  JMP 003A1CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!GetModuleHandleW                                                                                            7626A804 5 Bytes  JMP 003A1D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateFileW                                                                                                 7626AECB 5 Bytes  JMP 003A1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CreateFileA                                                                                                 7626CE5F 5 Bytes  JMP 003A1B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileExA                                                                                                 76270F0A 5 Bytes  JMP 003A1C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileWithProgressA                                                                                       76270F2A 5 Bytes  JMP 003A1C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileA                                                                                                   76272433 5 Bytes  JMP 003A1B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!MoveFileA                                                                                                   762AF641 5 Bytes  JMP 003A1BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!CopyFileExA                                                                                                 762B19F9 5 Bytes  JMP 003A1BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!WinExec                                                                                                     762B5CF7 5 Bytes  JMP 003A1D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] kernel32.dll!LoadModule                                                                                                  762B5E4F 5 Bytes  JMP 003A1AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] USER32.dll!EndTask                                                                                                       7790AD32 5 Bytes  JMP 003A7E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!OpenServiceA                                                                                                77CF2EBD 7 Bytes  JMP 003A1640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!OpenServiceW                                                                                                77CF8354 7 Bytes  JMP 003A1480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!CreateServiceW                                                                                              77D19EB4 7 Bytes  JMP 003A1250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ADVAPI32.dll!CreateServiceA                                                                                              77D572A1 7 Bytes  JMP 003A1000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteW                                                                                                764F9725 5 Bytes  JMP 003A1DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteExW                                                                                              7654C135 5 Bytes  JMP 003A1E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteEx                                                                                               766F9FE2 5 Bytes  JMP 003A1DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] SHELL32.dll!ShellExecuteA                                                                                                766FA07D 5 Bytes  JMP 003A1DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ole32.dll!CoGetClassObject                                                                                               7633FABC 5 Bytes  JMP 003A7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[3108] ole32.dll!CoCreateInstanceEx                                                                                             76359EE9 5 Bytes  JMP 003A7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\taskeng.exe[3448] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!LdrLoadDll                                                                                                                 77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!LdrUnloadDll                                                                                                               77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!LdrGetProcedureAddress                                                                                                     77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtAllocateVirtualMemory                                                                                                    77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtClose                                                                                                                    77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateFile                                                                                                               77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateProcess                                                                                                            77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateProcessEx                                                                                                          77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtDeleteFile                                                                                                               77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtFreeVirtualMemory                                                                                                        77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtLoadDriver                                                                                                               77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtOpenFile                                                                                                                 77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtProtectVirtualMemory                                                                                                     77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtSetInformationProcess                                                                                                    77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtUnloadDriver                                                                                                             77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtWriteVirtualMemory                                                                                                       77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!NtCreateUserProcess                                                                                                        77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ntdll.dll!RtlAllocateHeap                                                                                                            77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateProcessW                                                                                                          76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateProcessA                                                                                                          76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!VirtualProtect                                                                                                          76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!OpenFile                                                                                                                7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileW                                                                                                               7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileExW                                                                                                             76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileW                                                                                                               76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!DeleteFileW                                                                                                             7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!DeleteFileA                                                                                                             7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileWithProgressW                                                                                                   762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileExW                                                                                                             762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryExW                                                                                                          76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryW                                                                                                            76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryExA                                                                                                          762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadLibraryA                                                                                                            762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!GetProcAddress                                                                                                          7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!GetModuleHandleA                                                                                                        762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!GetModuleHandleW                                                                                                        7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateFileW                                                                                                             7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CreateFileA                                                                                                             7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileExA                                                                                                             76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileWithProgressA                                                                                                   76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileA                                                                                                               76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!MoveFileA                                                                                                               762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!CopyFileExA                                                                                                             762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!WinExec                                                                                                                 762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] kernel32.dll!LoadModule                                                                                                              762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] USER32.dll!EndTask                                                                                                                   7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!OpenServiceA                                                                                                            77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!OpenServiceW                                                                                                            77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!CreateServiceW                                                                                                          77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] ADVAPI32.dll!CreateServiceA                                                                                                          77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteW                                                                                                            764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteExW                                                                                                          7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteEx                                                                                                           766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\LightScribe\LSSrvc.exe[3528] SHELL32.dll!ShellExecuteA                                                                                                            766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!LdrLoadDll                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!LdrUnloadDll                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!LdrGetProcedureAddress                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtAllocateVirtualMemory                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtClose                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateFile                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateProcess                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateProcessEx                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtDeleteFile                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtFreeVirtualMemory                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtLoadDriver                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtOpenFile                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtProtectVirtualMemory                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtSetInformationProcess                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtUnloadDriver                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtWriteVirtualMemory                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!NtCreateUserProcess                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ntdll.dll!RtlAllocateHeap                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateProcessW                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateProcessA                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!VirtualProtect                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!OpenFile                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileW                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileExW                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileW                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!DeleteFileW                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!DeleteFileA                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileWithProgressW                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileExW                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryExW                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryW                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryExA                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadLibraryA                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!GetProcAddress                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!GetModuleHandleA                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!GetModuleHandleW                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateFileW                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CreateFileA                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileExA                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileWithProgressA                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileA                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!MoveFileA                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!CopyFileExA                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!WinExec                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] KERNEL32.dll!LoadModule                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!OpenServiceA                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!OpenServiceW                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!CreateServiceW                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ADVAPI32.dll!CreateServiceA                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] USER32.dll!EndTask                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteW                                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteExW                                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteEx                                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] SHELL32.dll!ShellExecuteA                                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ole32.dll!CoGetClassObject                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Acer\Mobility Center\MobilityService.exe[3556] ole32.dll!CoCreateInstanceEx                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] WS2_32.dll!WSASocketW                                                                                                                                     77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3720] WS2_32.dll!WSASocketA                                                                                                                                     77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] kernel32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Macrium\Reflect\ReflectService.exe[3744] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!LdrLoadDll                                                                                                                        77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!LdrUnloadDll                                                                                                                      77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!LdrGetProcedureAddress                                                                                                            77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtAllocateVirtualMemory                                                                                                           77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtClose                                                                                                                           77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateFile                                                                                                                      77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateProcess                                                                                                                   77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateProcessEx                                                                                                                 77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtDeleteFile                                                                                                                      77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtFreeVirtualMemory                                                                                                               77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtLoadDriver                                                                                                                      77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtOpenFile                                                                                                                        77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtProtectVirtualMemory                                                                                                            77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtSetInformationProcess                                                                                                           77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtUnloadDriver                                                                                                                    77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtWriteVirtualMemory                                                                                                              77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!NtCreateUserProcess                                                                                                               77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ntdll.dll!RtlAllocateHeap                                                                                                                   77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateProcessW                                                                                                                 76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateProcessA                                                                                                                 76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!VirtualProtect                                                                                                                 76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!OpenFile                                                                                                                       7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileW                                                                                                                      7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileExW                                                                                                                    76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileW                                                                                                                      76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!DeleteFileW                                                                                                                    7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!DeleteFileA                                                                                                                    7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileWithProgressW                                                                                                          762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileExW                                                                                                                    762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryExW                                                                                                                 76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryW                                                                                                                   76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryExA                                                                                                                 762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadLibraryA                                                                                                                   762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!GetProcAddress                                                                                                                 7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!GetModuleHandleA                                                                                                               762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!GetModuleHandleW                                                                                                               7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateFileW                                                                                                                    7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CreateFileA                                                                                                                    7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileExA                                                                                                                    76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileWithProgressA                                                                                                          76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileA                                                                                                                      76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!MoveFileA                                                                                                                      762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!CopyFileExA                                                                                                                    762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!WinExec                                                                                                                        762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] kernel32.dll!LoadModule                                                                                                                     762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!OpenServiceA                                                                                                                   77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!OpenServiceW                                                                                                                   77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!CreateServiceW                                                                                                                 77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ADVAPI32.dll!CreateServiceA                                                                                                                 77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] USER32.dll!EndTask                                                                                                                          7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ole32.dll!CoGetClassObject                                                                                                                  7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Users\IVAN\AppData\Local\Temp\RtkBtMnt.exe[3776] ole32.dll!CoCreateInstanceEx                                                                                                                76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!LdrLoadDll                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!LdrUnloadDll                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!LdrGetProcedureAddress                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtAllocateVirtualMemory                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtClose                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateFile                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateProcess                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateProcessEx                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtDeleteFile                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtFreeVirtualMemory                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtLoadDriver                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtOpenFile                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtProtectVirtualMemory                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtSetInformationProcess                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtUnloadDriver                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtWriteVirtualMemory                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!NtCreateUserProcess                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ntdll.dll!RtlAllocateHeap                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateProcessW                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateProcessA                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!VirtualProtect                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!OpenFile                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileW                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileExW                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileW                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!DeleteFileW                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!DeleteFileA                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileWithProgressW                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileExW                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryExW                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryW                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryExA                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadLibraryA                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!GetProcAddress                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!GetModuleHandleA                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!GetModuleHandleW                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateFileW                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CreateFileA                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileExA                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileWithProgressA                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileA                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!MoveFileA                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!CopyFileExA                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!WinExec                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] kernel32.dll!LoadModule                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] USER32.dll!EndTask                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!OpenServiceA                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!OpenServiceW                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!CreateServiceW                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ADVAPI32.dll!CreateServiceA                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteW                                                                                                           764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteExW                                                                                                         7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteEx                                                                                                          766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] SHELL32.dll!ShellExecuteA                                                                                                           766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ole32.dll!CoGetClassObject                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[3784] ole32.dll!CoCreateInstanceEx                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\svchost.exe[3884] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!LdrLoadDll                                                                                                                                      77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!LdrUnloadDll                                                                                                                                    77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!LdrGetProcedureAddress                                                                                                                          77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtAllocateVirtualMemory                                                                                                                         77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtClose                                                                                                                                         77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateFile                                                                                                                                    77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateProcess                                                                                                                                 77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateProcessEx                                                                                                                               77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtDeleteFile                                                                                                                                    77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtFreeVirtualMemory                                                                                                                             77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtLoadDriver                                                                                                                                    77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtOpenFile                                                                                                                                      77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtProtectVirtualMemory                                                                                                                          77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtSetInformationProcess                                                                                                                         77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtUnloadDriver                                                                                                                                  77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtWriteVirtualMemory                                                                                                                            77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!NtCreateUserProcess                                                                                                                             77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ntdll.dll!RtlAllocateHeap                                                                                                                                 77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateProcessW                                                                                                                               76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateProcessA                                                                                                                               76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!VirtualProtect                                                                                                                               76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!OpenFile                                                                                                                                     7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileW                                                                                                                                    7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileExW                                                                                                                                  76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileW                                                                                                                                    76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!DeleteFileW                                                                                                                                  7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!DeleteFileA                                                                                                                                  7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileWithProgressW                                                                                                                        762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileExW                                                                                                                                  762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryExW                                                                                                                               76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryW                                                                                                                                 76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryExA                                                                                                                               762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadLibraryA                                                                                                                                 762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!GetProcAddress                                                                                                                               7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!GetModuleHandleA                                                                                                                             762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!GetModuleHandleW                                                                                                                             7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateFileW                                                                                                                                  7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CreateFileA                                                                                                                                  7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileExA                                                                                                                                  76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileWithProgressA                                                                                                                        76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileA                                                                                                                                    76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!MoveFileA                                                                                                                                    762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!CopyFileExA                                                                                                                                  762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!WinExec                                                                                                                                      762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] kernel32.dll!LoadModule                                                                                                                                   762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!OpenServiceA                                                                                                                                 77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!OpenServiceW                                                                                                                                 77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!CreateServiceW                                                                                                                               77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ADVAPI32.dll!CreateServiceA                                                                                                                               77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] USER32.dll!EndTask                                                                                                                                        7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ole32.dll!CoGetClassObject                                                                                                                                7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] ole32.dll!CoCreateInstanceEx                                                                                                                              76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteW                                                                                                                                 764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteExW                                                                                                                               7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteEx                                                                                                                                766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\svchost.exe[3920] SHELL32.dll!ShellExecuteA                                                                                                                                 766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteW                                                                                                                           764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteExW                                                                                                                         7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteEx                                                                                                                          766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] SHELL32.dll!ShellExecuteA                                                                                                                           766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] WS2_32.dll!WSASocketW                                                                                                                               77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\SearchIndexer.exe[3964] WS2_32.dll!WSASocketA                                                                                                                               77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!LdrLoadDll                                                                                                                               77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!LdrUnloadDll                                                                                                                             77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!LdrGetProcedureAddress                                                                                                                   77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtAllocateVirtualMemory                                                                                                                  77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtClose                                                                                                                                  77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateFile                                                                                                                             77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateProcess                                                                                                                          77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateProcessEx                                                                                                                        77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtDeleteFile                                                                                                                             77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtFreeVirtualMemory                                                                                                                      77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtLoadDriver                                                                                                                             77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtOpenFile                                                                                                                               77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtProtectVirtualMemory                                                                                                                   77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtSetInformationProcess                                                                                                                  77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtUnloadDriver                                                                                                                           77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtWriteVirtualMemory                                                                                                                     77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!NtCreateUserProcess                                                                                                                      77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ntdll.dll!RtlAllocateHeap                                                                                                                          77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateProcessW                                                                                                                        76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateProcessA                                                                                                                        76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!VirtualProtect                                                                                                                        76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!OpenFile                                                                                                                              7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileW                                                                                                                             7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileExW                                                                                                                           76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileW                                                                                                                             76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!DeleteFileW                                                                                                                           7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!DeleteFileA                                                                                                                           7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileWithProgressW                                                                                                                 762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileExW                                                                                                                           762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryExW                                                                                                                        76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryW                                                                                                                          76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryExA                                                                                                                        762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadLibraryA                                                                                                                          762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!GetProcAddress                                                                                                                        7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!GetModuleHandleA                                                                                                                      762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!GetModuleHandleW                                                                                                                      7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateFileW                                                                                                                           7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CreateFileA                                                                                                                           7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileExA                                                                                                                           76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileWithProgressA                                                                                                                 76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileA                                                                                                                             76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!MoveFileA                                                                                                                             762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!CopyFileExA                                                                                                                           762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!WinExec                                                                                                                               762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] kernel32.dll!LoadModule                                                                                                                            762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!OpenServiceA                                                                                                                          77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!OpenServiceW                                                                                                                          77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!CreateServiceW                                                                                                                        77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ADVAPI32.dll!CreateServiceA                                                                                                                        77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ole32.dll!CoGetClassObject                                                                                                                         7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] ole32.dll!CoCreateInstanceEx                                                                                                                       76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\DRIVERS\xaudio.exe[4048] USER32.dll!EndTask                                                                                                                                 7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] WS2_32.dll!WSASocketW                                                                                                                  77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] WS2_32.dll!WSASocketA                                                                                                                  77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteW                                                                                                              764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteExW                                                                                                            7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteEx                                                                                                             766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avmailc.exe[4084] SHELL32.dll!ShellExecuteA                                                                                                              766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!LdrLoadDll                                                                                                                         77B69390 5 Bytes  JMP 004E4550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!LdrUnloadDll                                                                                                                       77B7BA50 7 Bytes  JMP 004E81E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!LdrGetProcedureAddress                                                                                                             77B85A88 5 Bytes  JMP 004E19F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtAllocateVirtualMemory                                                                                                            77BA4134 5 Bytes  JMP 004E1950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtClose                                                                                                                            77BA4314 5 Bytes  JMP 004E82B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateFile                                                                                                                       77BA43D4 5 Bytes  JMP 004E18D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateProcess                                                                                                                    77BA4494 5 Bytes  JMP 004E1890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateProcessEx                                                                                                                  77BA44A4 5 Bytes  JMP 004E19B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtDeleteFile                                                                                                                       77BA47B4 5 Bytes  JMP 004E1910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtFreeVirtualMemory                                                                                                                77BA4944 5 Bytes  JMP 004E1A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtLoadDriver                                                                                                                       77BA4A64 5 Bytes  JMP 004E1970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtOpenFile                                                                                                                         77BA4BB4 5 Bytes  JMP 004E18F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtProtectVirtualMemory                                                                                                             77BA4D34 5 Bytes  JMP 004E1930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtSetInformationProcess                                                                                                            77BA5324 5 Bytes  JMP 004E19D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtUnloadDriver                                                                                                                     77BA5574 5 Bytes  JMP 004E1990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtWriteVirtualMemory                                                                                                               77BA5674 5 Bytes  JMP 004E18B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!NtCreateUserProcess                                                                                                                77BA5804 5 Bytes  JMP 004E7040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ntdll.dll!RtlAllocateHeap                                                                                                                    77BA6570 5 Bytes  JMP 004E1A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateProcessW                                                                                                                  76221BF3 5 Bytes  JMP 004E1A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateProcessA                                                                                                                  76221C28 5 Bytes  JMP 004E1A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!VirtualProtect                                                                                                                  76221DC3 5 Bytes  JMP 004E1D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!OpenFile                                                                                                                        7622355A 5 Bytes  JMP 004E1B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileW                                                                                                                       7622A2F2 5 Bytes  JMP 004E1C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileExW                                                                                                                     76230211 7 Bytes  JMP 004E1BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileW                                                                                                                       76230299 5 Bytes  JMP 004E1B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!DeleteFileW                                                                                                                     7623F4B6 5 Bytes  JMP 004E1CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!DeleteFileA                                                                                                                     7623F5D2 5 Bytes  JMP 004E1CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileWithProgressW                                                                                                           762410A4 5 Bytes  JMP 004E1C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileExW                                                                                                                     762410C8 5 Bytes  JMP 004E1C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryExW                                                                                                                  76249109 7 Bytes  JMP 004E1AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryW                                                                                                                    76249362 5 Bytes  JMP 004E1D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryExA                                                                                                                  762494B4 5 Bytes  JMP 004E1AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadLibraryA                                                                                                                    762494DC 5 Bytes  JMP 004E1D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!GetProcAddress                                                                                                                  7626903B 5 Bytes  JMP 004E1A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!GetModuleHandleA                                                                                                                762692A5 5 Bytes  JMP 004E1CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!GetModuleHandleW                                                                                                                7626A804 5 Bytes  JMP 004E1D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateFileW                                                                                                                     7626AECB 5 Bytes  JMP 004E1B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CreateFileA                                                                                                                     7626CE5F 5 Bytes  JMP 004E1B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileExA                                                                                                                     76270F0A 5 Bytes  JMP 004E1C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileWithProgressA                                                                                                           76270F2A 5 Bytes  JMP 004E1C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileA                                                                                                                       76272433 5 Bytes  JMP 004E1B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!MoveFileA                                                                                                                       762AF641 5 Bytes  JMP 004E1BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!CopyFileExA                                                                                                                     762B19F9 5 Bytes  JMP 004E1BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!WinExec                                                                                                                         762B5CF7 5 Bytes  JMP 004E1D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] kernel32.dll!LoadModule                                                                                                                      762B5E4F 5 Bytes  JMP 004E1AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] USER32.dll!EndTask                                                                                                                           7790AD32 5 Bytes  JMP 004E7E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!OpenServiceA                                                                                                                    77CF2EBD 7 Bytes  JMP 004E1640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!OpenServiceW                                                                                                                    77CF8354 7 Bytes  JMP 004E1480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!CreateServiceW                                                                                                                  77D19EB4 7 Bytes  JMP 004E1250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ADVAPI32.dll!CreateServiceA                                                                                                                  77D572A1 7 Bytes  JMP 004E1000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteW                                                                                                                    764F9725 5 Bytes  JMP 004E1DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteExW                                                                                                                  7654C135 5 Bytes  JMP 004E1E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteEx                                                                                                                   766F9FE2 5 Bytes  JMP 004E1DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] SHELL32.dll!ShellExecuteA                                                                                                                    766FA07D 5 Bytes  JMP 004E1DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ole32.dll!CoGetClassObject                                                                                                                   7633FABC 5 Bytes  JMP 004E7D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Launch Manager\QtZgAcer.EXE[4304] ole32.dll!CoCreateInstanceEx                                                                                                                 76359EE9 5 Bytes  JMP 004E7BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!LdrLoadDll                                                                                                                                               77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!LdrUnloadDll                                                                                                                                             77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!LdrGetProcedureAddress                                                                                                                                   77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtAllocateVirtualMemory                                                                                                                                  77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtClose                                                                                                                                                  77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateFile                                                                                                                                             77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateProcess                                                                                                                                          77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateProcessEx                                                                                                                                        77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtDeleteFile                                                                                                                                             77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtFreeVirtualMemory                                                                                                                                      77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtLoadDriver                                                                                                                                             77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtOpenFile                                                                                                                                               77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtProtectVirtualMemory                                                                                                                                   77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtSetInformationProcess                                                                                                                                  77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtUnloadDriver                                                                                                                                           77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtWriteVirtualMemory                                                                                                                                     77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!NtCreateUserProcess                                                                                                                                      77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ntdll.dll!RtlAllocateHeap                                                                                                                                          77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateProcessW                                                                                                                                        76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateProcessA                                                                                                                                        76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!VirtualProtect                                                                                                                                        76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!OpenFile                                                                                                                                              7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileW                                                                                                                                             7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileExW                                                                                                                                           76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileW                                                                                                                                             76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!DeleteFileW                                                                                                                                           7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!DeleteFileA                                                                                                                                           7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileWithProgressW                                                                                                                                 762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileExW                                                                                                                                           762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryExW                                                                                                                                        76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryW                                                                                                                                          76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryExA                                                                                                                                        762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadLibraryA                                                                                                                                          762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!GetProcAddress                                                                                                                                        7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!GetModuleHandleA                                                                                                                                      762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!GetModuleHandleW                                                                                                                                      7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateFileW                                                                                                                                           7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CreateFileA                                                                                                                                           7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileExA                                                                                                                                           76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileWithProgressA                                                                                                                                 76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileA                                                                                                                                             76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!MoveFileA                                                                                                                                             762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!CopyFileExA                                                                                                                                           762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!WinExec                                                                                                                                               762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] kernel32.dll!LoadModule                                                                                                                                            762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] USER32.dll!EndTask                                                                                                                                                 7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!OpenServiceA                                                                                                                                          77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!OpenServiceW                                                                                                                                          77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!CreateServiceW                                                                                                                                        77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ADVAPI32.dll!CreateServiceA                                                                                                                                        77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteW                                                                                                                                          764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteExW                                                                                                                                        7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteEx                                                                                                                                         766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] SHELL32.dll!ShellExecuteA                                                                                                                                          766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ole32.dll!CoGetClassObject                                                                                                                                         7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\PLFSetI.exe[4340] ole32.dll!CoCreateInstanceEx                                                                                                                                       76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!LdrLoadDll                                                                                                                     77B69390 5 Bytes  JMP 00394550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!LdrUnloadDll                                                                                                                   77B7BA50 7 Bytes  JMP 003981E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!LdrGetProcedureAddress                                                                                                         77B85A88 5 Bytes  JMP 003919F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtAllocateVirtualMemory                                                                                                        77BA4134 5 Bytes  JMP 00391950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtClose                                                                                                                        77BA4314 5 Bytes  JMP 003982B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateFile                                                                                                                   77BA43D4 5 Bytes  JMP 003918D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateProcess                                                                                                                77BA4494 5 Bytes  JMP 00391890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateProcessEx                                                                                                              77BA44A4 5 Bytes  JMP 003919B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtDeleteFile                                                                                                                   77BA47B4 5 Bytes  JMP 00391910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtFreeVirtualMemory                                                                                                            77BA4944 5 Bytes  JMP 00391A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtLoadDriver                                                                                                                   77BA4A64 5 Bytes  JMP 00391970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtOpenFile                                                                                                                     77BA4BB4 5 Bytes  JMP 003918F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtProtectVirtualMemory                                                                                                         77BA4D34 5 Bytes  JMP 00391930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtSetInformationProcess                                                                                                        77BA5324 5 Bytes  JMP 003919D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtUnloadDriver                                                                                                                 77BA5574 5 Bytes  JMP 00391990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtWriteVirtualMemory                                                                                                           77BA5674 5 Bytes  JMP 003918B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!NtCreateUserProcess                                                                                                            77BA5804 5 Bytes  JMP 00397040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ntdll.dll!RtlAllocateHeap                                                                                                                77BA6570 5 Bytes  JMP 00391A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateProcessW                                                                                                              76221BF3 5 Bytes  JMP 00391A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateProcessA                                                                                                              76221C28 5 Bytes  JMP 00391A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!VirtualProtect                                                                                                              76221DC3 5 Bytes  JMP 00391D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!OpenFile                                                                                                                    7622355A 5 Bytes  JMP 00391B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileW                                                                                                                   7622A2F2 5 Bytes  JMP 00391C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileExW                                                                                                                 76230211 7 Bytes  JMP 00391BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileW                                                                                                                   76230299 5 Bytes  JMP 00391B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!DeleteFileW                                                                                                                 7623F4B6 5 Bytes  JMP 00391CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!DeleteFileA                                                                                                                 7623F5D2 5 Bytes  JMP 00391CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileWithProgressW                                                                                                       762410A4 5 Bytes  JMP 00391C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileExW                                                                                                                 762410C8 5 Bytes  JMP 00391C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryExW                                                                                                              76249109 7 Bytes  JMP 00391AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryW                                                                                                                76249362 5 Bytes  JMP 00391D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryExA                                                                                                              762494B4 5 Bytes  JMP 00391AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadLibraryA                                                                                                                762494DC 5 Bytes  JMP 00391D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!GetProcAddress                                                                                                              7626903B 5 Bytes  JMP 00391A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!GetModuleHandleA                                                                                                            762692A5 5 Bytes  JMP 00391CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!GetModuleHandleW                                                                                                            7626A804 5 Bytes  JMP 00391D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateFileW                                                                                                                 7626AECB 5 Bytes  JMP 00391B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CreateFileA                                                                                                                 7626CE5F 5 Bytes  JMP 00391B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileExA                                                                                                                 76270F0A 5 Bytes  JMP 00391C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileWithProgressA                                                                                                       76270F2A 5 Bytes  JMP 00391C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileA                                                                                                                   76272433 5 Bytes  JMP 00391B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!MoveFileA                                                                                                                   762AF641 5 Bytes  JMP 00391BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!CopyFileExA                                                                                                                 762B19F9 5 Bytes  JMP 00391BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!WinExec                                                                                                                     762B5CF7 5 Bytes  JMP 00391D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] kernel32.dll!LoadModule                                                                                                                  762B5E4F 5 Bytes  JMP 00391AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] USER32.dll!EndTask                                                                                                                       7790AD32 5 Bytes  JMP 00397E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!OpenServiceA                                                                                                                77CF2EBD 7 Bytes  JMP 00391640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!OpenServiceW                                                                                                                77CF8354 7 Bytes  JMP 00391480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!CreateServiceW                                                                                                              77D19EB4 7 Bytes  JMP 00391250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ADVAPI32.dll!CreateServiceA                                                                                                              77D572A1 7 Bytes  JMP 00391000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteW                                                                                                                764F9725 5 Bytes  JMP 00391DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteExW                                                                                                              7654C135 5 Bytes  JMP 00391E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteEx                                                                                                               766F9FE2 5 Bytes  JMP 00391DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] SHELL32.dll!ShellExecuteA                                                                                                                766FA07D 5 Bytes  JMP 00391DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ole32.dll!CoGetClassObject                                                                                                               7633FABC 5 Bytes  JMP 00397D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[4364] ole32.dll!CoCreateInstanceEx                                                                                                             76359EE9 5 Bytes  JMP 00397BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!LdrLoadDll                                                                                                                                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!LdrUnloadDll                                                                                                                              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!LdrGetProcedureAddress                                                                                                                    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtAllocateVirtualMemory                                                                                                                   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtClose                                                                                                                                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateFile                                                                                                                              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateProcess                                                                                                                           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateProcessEx                                                                                                                         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtDeleteFile                                                                                                                              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtFreeVirtualMemory                                                                                                                       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtLoadDriver                                                                                                                              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtOpenFile                                                                                                                                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtProtectVirtualMemory                                                                                                                    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtSetInformationProcess                                                                                                                   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtUnloadDriver                                                                                                                            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtWriteVirtualMemory                                                                                                                      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!NtCreateUserProcess                                                                                                                       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ntdll.dll!RtlAllocateHeap                                                                                                                           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateProcessW                                                                                                                         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateProcessA                                                                                                                         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!VirtualProtect                                                                                                                         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!OpenFile                                                                                                                               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileW                                                                                                                              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileExW                                                                                                                            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileW                                                                                                                              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!DeleteFileW                                                                                                                            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!DeleteFileA                                                                                                                            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileWithProgressW                                                                                                                  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileExW                                                                                                                            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryExW                                                                                                                         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryW                                                                                                                           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryExA                                                                                                                         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadLibraryA                                                                                                                           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!GetProcAddress                                                                                                                         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!GetModuleHandleA                                                                                                                       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!GetModuleHandleW                                                                                                                       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateFileW                                                                                                                            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CreateFileA                                                                                                                            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileExA                                                                                                                            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileWithProgressA                                                                                                                  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileA                                                                                                                              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!MoveFileA                                                                                                                              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!CopyFileExA                                                                                                                            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!WinExec                                                                                                                                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] kernel32.dll!LoadModule                                                                                                                             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!OpenServiceA                                                                                                                           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!OpenServiceW                                                                                                                           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!CreateServiceW                                                                                                                         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ADVAPI32.dll!CreateServiceA                                                                                                                         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ole32.dll!CoGetClassObject                                                                                                                          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] ole32.dll!CoCreateInstanceEx                                                                                                                        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\wbem\unsecapp.exe[4376] USER32.dll!EndTask                                                                                                                                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!LdrLoadDll                                                                                                                        77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!LdrUnloadDll                                                                                                                      77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!LdrGetProcedureAddress                                                                                                            77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtAllocateVirtualMemory                                                                                                           77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtClose                                                                                                                           77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateFile                                                                                                                      77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateProcess                                                                                                                   77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateProcessEx                                                                                                                 77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtDeleteFile                                                                                                                      77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtFreeVirtualMemory                                                                                                               77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtLoadDriver                                                                                                                      77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtOpenFile                                                                                                                        77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtProtectVirtualMemory                                                                                                            77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtSetInformationProcess                                                                                                           77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtUnloadDriver                                                                                                                    77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtWriteVirtualMemory                                                                                                              77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!NtCreateUserProcess                                                                                                               77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ntdll.dll!RtlAllocateHeap                                                                                                                   77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateProcessW                                                                                                                 76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateProcessA                                                                                                                 76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!VirtualProtect                                                                                                                 76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!OpenFile                                                                                                                       7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileW                                                                                                                      7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileExW                                                                                                                    76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileW                                                                                                                      76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!DeleteFileW                                                                                                                    7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!DeleteFileA                                                                                                                    7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileWithProgressW                                                                                                          762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileExW                                                                                                                    762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryExW                                                                                                                 76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryW                                                                                                                   76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryExA                                                                                                                 762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadLibraryA                                                                                                                   762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!GetProcAddress                                                                                                                 7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!GetModuleHandleA                                                                                                               762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!GetModuleHandleW                                                                                                               7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateFileW                                                                                                                    7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CreateFileA                                                                                                                    7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileExA                                                                                                                    76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileWithProgressA                                                                                                          76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileA                                                                                                                      76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!MoveFileA                                                                                                                      762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!CopyFileExA                                                                                                                    762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!WinExec                                                                                                                        762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] kernel32.dll!LoadModule                                                                                                                     762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] USER32.dll!EndTask                                                                                                                          7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!OpenServiceA                                                                                                                   77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!OpenServiceW                                                                                                                   77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!CreateServiceW                                                                                                                 77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ADVAPI32.dll!CreateServiceA                                                                                                                 77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ole32.dll!CoGetClassObject                                                                                                                  7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] ole32.dll!CoCreateInstanceEx                                                                                                                76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteW                                                                                                                   764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteExW                                                                                                                 7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteEx                                                                                                                  766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4420] SHELL32.dll!ShellExecuteA                                                                                                                   766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!LdrLoadDll                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!LdrUnloadDll                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!LdrGetProcedureAddress                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtAllocateVirtualMemory                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtClose                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateFile                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateProcess                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateProcessEx                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtDeleteFile                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtFreeVirtualMemory                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtLoadDriver                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtOpenFile                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtProtectVirtualMemory                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtSetInformationProcess                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtUnloadDriver                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtWriteVirtualMemory                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!NtCreateUserProcess                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ntdll.dll!RtlAllocateHeap                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateProcessW                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateProcessA                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!VirtualProtect                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!OpenFile                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileW                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileExW                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileW                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!DeleteFileW                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!DeleteFileA                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileWithProgressW                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileExW                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryExW                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryW                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryExA                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadLibraryA                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!GetProcAddress                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!GetModuleHandleA                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!GetModuleHandleW                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateFileW                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CreateFileA                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileExA                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileWithProgressA                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileA                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!MoveFileA                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!CopyFileExA                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!WinExec                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] kernel32.dll!LoadModule                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] USER32.dll!EndTask                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!OpenServiceA                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!OpenServiceW                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!CreateServiceW                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ADVAPI32.dll!CreateServiceA                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteW                                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteExW                                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteEx                                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] SHELL32.dll!ShellExecuteA                                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ole32.dll!CoGetClassObject                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] ole32.dll!CoCreateInstanceEx                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] WININET.dll!InternetConnectA                                                                                                                  7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\VEngine\VEngine.exe[4456] WININET.dll!InternetConnectW                                                                                                                  7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!LdrLoadDll                                                                                                                           77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!LdrUnloadDll                                                                                                                         77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!LdrGetProcedureAddress                                                                                                               77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtAllocateVirtualMemory                                                                                                              77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtClose                                                                                                                              77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateFile                                                                                                                         77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateProcess                                                                                                                      77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateProcessEx                                                                                                                    77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtDeleteFile                                                                                                                         77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtFreeVirtualMemory                                                                                                                  77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtLoadDriver                                                                                                                         77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtOpenFile                                                                                                                           77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtProtectVirtualMemory                                                                                                               77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtSetInformationProcess                                                                                                              77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtUnloadDriver                                                                                                                       77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtWriteVirtualMemory                                                                                                                 77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!NtCreateUserProcess                                                                                                                  77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ntdll.dll!RtlAllocateHeap                                                                                                                      77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateProcessW                                                                                                                    76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateProcessA                                                                                                                    76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!VirtualProtect                                                                                                                    76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!OpenFile                                                                                                                          7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileW                                                                                                                         7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileExW                                                                                                                       76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileW                                                                                                                         76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!DeleteFileW                                                                                                                       7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!DeleteFileA                                                                                                                       7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileWithProgressW                                                                                                             762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileExW                                                                                                                       762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryExW                                                                                                                    76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryW                                                                                                                      76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryExA                                                                                                                    762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadLibraryA                                                                                                                      762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!GetProcAddress                                                                                                                    7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!GetModuleHandleA                                                                                                                  762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!GetModuleHandleW                                                                                                                  7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateFileW                                                                                                                       7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CreateFileA                                                                                                                       7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileExA                                                                                                                       76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileWithProgressA                                                                                                             76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileA                                                                                                                         76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!MoveFileA                                                                                                                         762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!CopyFileExA                                                                                                                       762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!WinExec                                                                                                                           762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] kernel32.dll!LoadModule                                                                                                                        762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!OpenServiceA                                                                                                                      77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!OpenServiceW                                                                                                                      77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!CreateServiceW                                                                                                                    77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ADVAPI32.dll!CreateServiceA                                                                                                                    77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] USER32.dll!EndTask                                                                                                                             7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] WS2_32.dll!WSASocketW                                                                                                                          77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] WS2_32.dll!WSASocketA                                                                                                                          77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteW                                                                                                                      764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteExW                                                                                                                    7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteEx                                                                                                                     766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] SHELL32.dll!ShellExecuteA                                                                                                                      766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ole32.dll!CoGetClassObject                                                                                                                     7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] ole32.dll!CoCreateInstanceEx                                                                                                                   76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] wininet.dll!InternetConnectA                                                                                                                   7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\AntiLogger\AntiLogger.exe[4496] wininet.dll!InternetConnectW                                                                                                                   7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\System32\rundll32.exe[4512] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!LdrLoadDll                                                                                                           77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!LdrUnloadDll                                                                                                         77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!LdrGetProcedureAddress                                                                                               77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtAllocateVirtualMemory                                                                                              77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtClose                                                                                                              77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateFile                                                                                                         77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateProcess                                                                                                      77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateProcessEx                                                                                                    77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtDeleteFile                                                                                                         77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtFreeVirtualMemory                                                                                                  77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtLoadDriver                                                                                                         77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtOpenFile                                                                                                           77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtProtectVirtualMemory                                                                                               77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtSetInformationProcess                                                                                              77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtUnloadDriver                                                                                                       77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtWriteVirtualMemory                                                                                                 77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!NtCreateUserProcess                                                                                                  77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ntdll.dll!RtlAllocateHeap                                                                                                      77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateProcessW                                                                                                    76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateProcessA                                                                                                    76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!VirtualProtect                                                                                                    76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!OpenFile                                                                                                          7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileW                                                                                                         7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileExW                                                                                                       76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileW                                                                                                         76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!DeleteFileW                                                                                                       7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!DeleteFileA                                                                                                       7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileWithProgressW                                                                                             762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileExW                                                                                                       762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryExW                                                                                                    76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryW                                                                                                      76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryExA                                                                                                    762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadLibraryA                                                                                                      762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!GetProcAddress                                                                                                    7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!GetModuleHandleA                                                                                                  762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!GetModuleHandleW                                                                                                  7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateFileW                                                                                                       7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CreateFileA                                                                                                       7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileExA                                                                                                       76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileWithProgressA                                                                                             76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileA                                                                                                         76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!MoveFileA                                                                                                         762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!CopyFileExA                                                                                                       762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!WinExec                                                                                                           762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] kernel32.dll!LoadModule                                                                                                        762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!OpenServiceA                                                                                                      77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!OpenServiceW                                                                                                      77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!CreateServiceW                                                                                                    77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ADVAPI32.dll!CreateServiceA                                                                                                    77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] USER32.dll!EndTask                                                                                                             7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] WININET.dll!InternetConnectA                                                                                                   7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] WININET.dll!InternetConnectW                                                                                                   7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ole32.dll!CoGetClassObject                                                                                                     7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] ole32.dll!CoCreateInstanceEx                                                                                                   76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteW                                                                                                      764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteExW                                                                                                    7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteEx                                                                                                     766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[4520] SHELL32.dll!ShellExecuteA                                                                                                      766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!LdrLoadDll                                                                                                                         77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!LdrUnloadDll                                                                                                                       77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!LdrGetProcedureAddress                                                                                                             77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtAllocateVirtualMemory                                                                                                            77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtClose                                                                                                                            77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateFile                                                                                                                       77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateProcess                                                                                                                    77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateProcessEx                                                                                                                  77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtDeleteFile                                                                                                                       77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtFreeVirtualMemory                                                                                                                77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtLoadDriver                                                                                                                       77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtOpenFile                                                                                                                         77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtProtectVirtualMemory                                                                                                             77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtSetInformationProcess                                                                                                            77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtUnloadDriver                                                                                                                     77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtWriteVirtualMemory                                                                                                               77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!NtCreateUserProcess                                                                                                                77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ntdll.dll!RtlAllocateHeap                                                                                                                    77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateProcessW                                                                                                                  76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateProcessA                                                                                                                  76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!VirtualProtect                                                                                                                  76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!OpenFile                                                                                                                        7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileW                                                                                                                       7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileExW                                                                                                                     76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileW                                                                                                                       76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!DeleteFileW                                                                                                                     7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!DeleteFileA                                                                                                                     7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileWithProgressW                                                                                                           762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileExW                                                                                                                     762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryExW                                                                                                                  76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryW                                                                                                                    76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryExA                                                                                                                  762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadLibraryA                                                                                                                    762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!GetProcAddress                                                                                                                  7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!GetModuleHandleA                                                                                                                762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!GetModuleHandleW                                                                                                                7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateFileW                                                                                                                     7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CreateFileA                                                                                                                     7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileExA                                                                                                                     76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileWithProgressA                                                                                                           76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileA                                                                                                                       76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!MoveFileA                                                                                                                       762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!CopyFileExA                                                                                                                     762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!WinExec                                                                                                                         762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] kernel32.dll!LoadModule                                                                                                                      762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!OpenServiceA                                                                                                                    77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!OpenServiceW                                                                                                                    77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!CreateServiceW                                                                                                                  77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ADVAPI32.dll!CreateServiceA                                                                                                                  77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] USER32.dll!EndTask                                                                                                                           7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ole32.dll!CoGetClassObject                                                                                                                   7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] ole32.dll!CoCreateInstanceEx                                                                                                                 76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteW                                                                                                                    764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteExW                                                                                                                  7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteEx                                                                                                                   766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] SHELL32.dll!ShellExecuteA                                                                                                                    766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WS2_32.dll!WSASocketW                                                                                                                        77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WS2_32.dll!WSASocketA                                                                                                                        77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WININET.dll!InternetConnectA                                                                                                                 7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Sidebar\sidebar.exe[4552] WININET.dll!InternetConnectW                                                                                                                 7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!LdrLoadDll                                                                                                                  77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!LdrUnloadDll                                                                                                                77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!LdrGetProcedureAddress                                                                                                      77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtAllocateVirtualMemory                                                                                                     77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtClose                                                                                                                     77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateFile                                                                                                                77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateProcess                                                                                                             77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateProcessEx                                                                                                           77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtDeleteFile                                                                                                                77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtFreeVirtualMemory                                                                                                         77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtLoadDriver                                                                                                                77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtOpenFile                                                                                                                  77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtProtectVirtualMemory                                                                                                      77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtSetInformationProcess                                                                                                     77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtUnloadDriver                                                                                                              77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtWriteVirtualMemory                                                                                                        77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!NtCreateUserProcess                                                                                                         77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!KiUserExceptionDispatcher                                                                                                   77BA5DC8 5 Bytes  JMP 100022D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ntdll.dll!RtlAllocateHeap                                                                                                             77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateProcessW                                                                                                           76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateProcessA                                                                                                           76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!VirtualProtect                                                                                                           76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!OpenFile                                                                                                                 7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileW                                                                                                                7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileExW                                                                                                              76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileW                                                                                                                76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!DeleteFileW                                                                                                              7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!DeleteFileA                                                                                                              7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileWithProgressW                                                                                                    762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileExW                                                                                                              762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryExW                                                                                                           76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryW                                                                                                             76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryExA                                                                                                           762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadLibraryA                                                                                                             762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!GetProcAddress                                                                                                           7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!GetModuleHandleA                                                                                                         762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!GetModuleHandleW                                                                                                         7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateFileW                                                                                                              7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CreateFileA                                                                                                              7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileExA                                                                                                              76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileWithProgressA                                                                                                    76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileA                                                                                                                76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!MoveFileA                                                                                                                762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!CopyFileExA                                                                                                              762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!WinExec                                                                                                                  762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] kernel32.dll!LoadModule                                                                                                               762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!OpenServiceA                                                                                                             77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!OpenServiceW                                                                                                             77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!CreateServiceW                                                                                                           77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ADVAPI32.dll!CreateServiceA                                                                                                           77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] USER32.dll!EndTask                                                                                                                    7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WS2_32.dll!WSASocketW                                                                                                                 77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WS2_32.dll!WSASocketA                                                                                                                 77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteW                                                                                                             764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteExW                                                                                                           7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteEx                                                                                                            766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] SHELL32.dll!ShellExecuteA                                                                                                             766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ole32.dll!CoGetClassObject                                                                                                            7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] ole32.dll!CoCreateInstanceEx                                                                                                          76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WININET.dll!InternetConnectA                                                                                                          7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4564] WININET.dll!InternetConnectW                                                                                                          7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!LdrLoadDll                                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!LdrUnloadDll                                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!LdrGetProcedureAddress                                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtAllocateVirtualMemory                                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtClose                                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateFile                                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateProcess                                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateProcessEx                                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtDeleteFile                                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtFreeVirtualMemory                                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtLoadDriver                                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtOpenFile                                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtProtectVirtualMemory                                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtSetInformationProcess                                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtUnloadDriver                                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtWriteVirtualMemory                                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!NtCreateUserProcess                                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ntdll.dll!RtlAllocateHeap                                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateProcessW                                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateProcessA                                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!VirtualProtect                                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!OpenFile                                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileW                                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileExW                                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileW                                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!DeleteFileW                                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!DeleteFileA                                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileWithProgressW                                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileExW                                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryExW                                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryW                                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryExA                                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadLibraryA                                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!GetProcAddress                                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!GetModuleHandleA                                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!GetModuleHandleW                                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateFileW                                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CreateFileA                                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileExA                                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileWithProgressA                                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileA                                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!MoveFileA                                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!CopyFileExA                                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!WinExec                                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] kernel32.dll!LoadModule                                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!OpenServiceA                                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!OpenServiceW                                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!CreateServiceW                                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ADVAPI32.dll!CreateServiceA                                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] USER32.dll!EndTask                                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteW                                                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteExW                                                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteEx                                                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] SHELL32.dll!ShellExecuteA                                                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ole32.dll!CoGetClassObject                                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehtray.exe[4596] ole32.dll!CoCreateInstanceEx                                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ole32.dll!CoGetClassObject                                                                                                             7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[4612] ole32.dll!CoCreateInstanceEx                                                                                                           76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!LdrLoadDll                                                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!LdrUnloadDll                                                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!LdrGetProcedureAddress                                                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtAllocateVirtualMemory                                                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtClose                                                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateFile                                                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateProcess                                                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateProcessEx                                                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtDeleteFile                                                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtFreeVirtualMemory                                                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtLoadDriver                                                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtOpenFile                                                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtProtectVirtualMemory                                                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtSetInformationProcess                                                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtUnloadDriver                                                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtWriteVirtualMemory                                                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!NtCreateUserProcess                                                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ntdll.dll!RtlAllocateHeap                                                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateProcessW                                                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateProcessA                                                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!VirtualProtect                                                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!OpenFile                                                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileW                                                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileExW                                                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileW                                                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!DeleteFileW                                                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!DeleteFileA                                                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileWithProgressW                                                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileExW                                                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryExW                                                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryW                                                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryExA                                                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadLibraryA                                                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!GetProcAddress                                                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!GetModuleHandleA                                                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!GetModuleHandleW                                                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateFileW                                                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CreateFileA                                                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileExA                                                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileWithProgressA                                                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileA                                                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!MoveFileA                                                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!CopyFileExA                                                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!WinExec                                                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] kernel32.dll!LoadModule                                                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!OpenServiceA                                                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!OpenServiceW                                                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!CreateServiceW                                                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ADVAPI32.dll!CreateServiceA                                                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] USER32.dll!EndTask                                                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ole32.dll!CoGetClassObject                                                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\ehome\ehmsas.exe[4688] ole32.dll!CoCreateInstanceEx                                                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!LdrLoadDll                                                                                                                   77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!LdrUnloadDll                                                                                                                 77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!LdrGetProcedureAddress                                                                                                       77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtAllocateVirtualMemory                                                                                                      77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtClose                                                                                                                      77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateFile                                                                                                                 77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateProcess                                                                                                              77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateProcessEx                                                                                                            77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtDeleteFile                                                                                                                 77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtFreeVirtualMemory                                                                                                          77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtLoadDriver                                                                                                                 77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtOpenFile                                                                                                                   77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtProtectVirtualMemory                                                                                                       77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtSetInformationProcess                                                                                                      77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtUnloadDriver                                                                                                               77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtWriteVirtualMemory                                                                                                         77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!NtCreateUserProcess                                                                                                          77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ntdll.dll!RtlAllocateHeap                                                                                                              77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateProcessW                                                                                                            76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateProcessA                                                                                                            76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!VirtualProtect                                                                                                            76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!OpenFile                                                                                                                  7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileW                                                                                                                 7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileExW                                                                                                               76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileW                                                                                                                 76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!DeleteFileW                                                                                                               7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!DeleteFileA                                                                                                               7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileWithProgressW                                                                                                     762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileExW                                                                                                               762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryExW                                                                                                            76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryW                                                                                                              76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryExA                                                                                                            762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadLibraryA                                                                                                              762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!GetProcAddress                                                                                                            7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!GetModuleHandleA                                                                                                          762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!GetModuleHandleW                                                                                                          7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateFileW                                                                                                               7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CreateFileA                                                                                                               7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileExA                                                                                                               76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileWithProgressA                                                                                                     76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileA                                                                                                                 76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!MoveFileA                                                                                                                 762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!CopyFileExA                                                                                                               762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!WinExec                                                                                                                   762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] kernel32.dll!LoadModule                                                                                                                762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!OpenServiceA                                                                                                              77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!OpenServiceW                                                                                                              77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!CreateServiceW                                                                                                            77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ADVAPI32.dll!CreateServiceA                                                                                                            77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] USER32.dll!EndTask                                                                                                                     7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ole32.dll!CoGetClassObject                                                                                                             7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] ole32.dll!CoCreateInstanceEx                                                                                                           76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] WS2_32.dll!WSASocketW                                                                                                                  77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Windows Media Player\wmpnetwk.exe[4764] WS2_32.dll!WSASocketA                                                                                                                  77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!LdrLoadDll                                                                                                          77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!LdrUnloadDll                                                                                                        77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!LdrGetProcedureAddress                                                                                              77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtAllocateVirtualMemory                                                                                             77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtClose                                                                                                             77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateFile                                                                                                        77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateProcess                                                                                                     77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateProcessEx                                                                                                   77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtDeleteFile                                                                                                        77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtFreeVirtualMemory                                                                                                 77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtLoadDriver                                                                                                        77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtOpenFile                                                                                                          77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtProtectVirtualMemory                                                                                              77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtSetInformationProcess                                                                                             77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtUnloadDriver                                                                                                      77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtWriteVirtualMemory                                                                                                77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!NtCreateUserProcess                                                                                                 77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ntdll.dll!RtlAllocateHeap                                                                                                     77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateProcessW                                                                                                   76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateProcessA                                                                                                   76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!VirtualProtect                                                                                                   76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!OpenFile                                                                                                         7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileW                                                                                                        7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileExW                                                                                                      76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileW                                                                                                        76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!DeleteFileW                                                                                                      7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!DeleteFileA                                                                                                      7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileWithProgressW                                                                                            762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileExW                                                                                                      762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryExW                                                                                                   76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryW                                                                                                     76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryExA                                                                                                   762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadLibraryA                                                                                                     762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!GetProcAddress                                                                                                   7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!GetModuleHandleA                                                                                                 762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!GetModuleHandleW                                                                                                 7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateFileW                                                                                                      7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CreateFileA                                                                                                      7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileExA                                                                                                      76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileWithProgressA                                                                                            76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileA                                                                                                        76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!MoveFileA                                                                                                        762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!CopyFileExA                                                                                                      762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!WinExec                                                                                                          762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] kernel32.dll!LoadModule                                                                                                       762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!OpenServiceA                                                                                                     77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!OpenServiceW                                                                                                     77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!CreateServiceW                                                                                                   77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ADVAPI32.dll!CreateServiceA                                                                                                   77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] USER32.dll!EndTask                                                                                                            7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteW                                                                                                     764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteExW                                                                                                   7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteEx                                                                                                    766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] SHELL32.dll!ShellExecuteA                                                                                                     766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] WS2_32.dll!WSASocketW                                                                                                         77C834EB 7 Bytes  JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] WS2_32.dll!WSASocketA                                                                                                         77C88FA9 5 Bytes  JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ole32.dll!CoGetClassObject                                                                                                    7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6528] ole32.dll!CoCreateInstanceEx                                                                                                  76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!LdrLoadDll                                                                                                                                     77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!LdrUnloadDll                                                                                                                                   77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!LdrGetProcedureAddress                                                                                                                         77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtAllocateVirtualMemory                                                                                                                        77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtClose                                                                                                                                        77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateFile                                                                                                                                   77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateProcess                                                                                                                                77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateProcessEx                                                                                                                              77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtDeleteFile                                                                                                                                   77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtFreeVirtualMemory                                                                                                                            77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtLoadDriver                                                                                                                                   77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtOpenFile                                                                                                                                     77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtProtectVirtualMemory                                                                                                                         77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtSetInformationProcess                                                                                                                        77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtUnloadDriver                                                                                                                                 77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtWriteVirtualMemory                                                                                                                           77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!NtCreateUserProcess                                                                                                                            77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ntdll.dll!RtlAllocateHeap                                                                                                                                77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateProcessW                                                                                                                              76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateProcessA                                                                                                                              76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!VirtualProtect                                                                                                                              76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!OpenFile                                                                                                                                    7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileW                                                                                                                                   7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileExW                                                                                                                                 76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileW                                                                                                                                   76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!DeleteFileW                                                                                                                                 7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!DeleteFileA                                                                                                                                 7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileWithProgressW                                                                                                                       762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileExW                                                                                                                                 762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryExW                                                                                                                              76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryW                                                                                                                                76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryExA                                                                                                                              762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadLibraryA                                                                                                                                762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!GetProcAddress                                                                                                                              7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!GetModuleHandleA                                                                                                                            762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!GetModuleHandleW                                                                                                                            7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateFileW                                                                                                                                 7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CreateFileA                                                                                                                                 7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileExA                                                                                                                                 76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileWithProgressA                                                                                                                       76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileA                                                                                                                                   76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!MoveFileA                                                                                                                                   762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!CopyFileExA                                                                                                                                 762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!WinExec                                                                                                                                     762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] kernel32.dll!LoadModule                                                                                                                                  762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!OpenServiceA                                                                                                                                77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!OpenServiceW                                                                                                                                77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!CreateServiceW                                                                                                                              77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ADVAPI32.dll!CreateServiceA                                                                                                                              77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] USER32.dll!EndTask                                                                                                                                       7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteW                                                                                                                                764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteExW                                                                                                                              7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteEx                                                                                                                               766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] SHELL32.dll!ShellExecuteA                                                                                                                                766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ole32.dll!CoGetClassObject                                                                                                                               7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Windows\system32\NOTEPAD.EXE[17192] ole32.dll!CoCreateInstanceEx                                                                                                                             76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           C:\Program Files\Comodo\COMODO Internet Security\cfp.exe[83164] ntdll.dll!NtAllocateVirtualMemory                                                                                               77BA4134 5 Bytes  JMP 0050E060 C:\Program Files\Comodo\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!LdrLoadDll                 77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!LdrUnloadDll               77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!LdrGetProcedureAddress     77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtAllocateVirtualMemory    77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtClose                    77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateFile               77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateProcess            77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateProcessEx          77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtDeleteFile               77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtFreeVirtualMemory        77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtLoadDriver               77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtOpenFile                 77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtProtectVirtualMemory     77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtSetInformationProcess    77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtUnloadDriver             77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtWriteVirtualMemory       77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!NtCreateUserProcess        77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ntdll.dll!RtlAllocateHeap            77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateProcessW          76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateProcessA          76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!VirtualProtect          76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!OpenFile                7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileW               7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileExW             76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileW               76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!DeleteFileW             7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!DeleteFileA             7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileWithProgressW   762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileExW             762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryExW          76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryW            76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryExA          762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadLibraryA            762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!GetProcAddress          7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!GetModuleHandleA        762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!GetModuleHandleW        7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateFileW             7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CreateFileA             7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileExA             76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileWithProgressA   76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileA               76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!MoveFileA               762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!CopyFileExA             762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!WinExec                 762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] kernel32.dll!LoadModule              762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!OpenServiceA            77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!OpenServiceW            77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!CreateServiceW          77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ADVAPI32.dll!CreateServiceA          77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] USER32.dll!EndTask                   7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteW            764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteExW          7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteEx           766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] SHELL32.dll!ShellExecuteA            766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ole32.dll!CoGetClassObject           7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] ole32.dll!CoCreateInstanceEx         76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] WININET.dll!InternetConnectA         7744DEAE 5 Bytes  JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\aswar(2).exe[85136] WININET.dll!InternetConnectW         7744F862 5 Bytes  JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!LdrLoadDll                77B69390 5 Bytes  JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!LdrUnloadDll              77B7BA50 7 Bytes  JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!LdrGetProcedureAddress    77B85A88 5 Bytes  JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtAllocateVirtualMemory   77BA4134 5 Bytes  JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtClose                   77BA4314 5 Bytes  JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateFile              77BA43D4 5 Bytes  JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateProcess           77BA4494 5 Bytes  JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateProcessEx         77BA44A4 5 Bytes  JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtDeleteFile              77BA47B4 5 Bytes  JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtFreeVirtualMemory       77BA4944 5 Bytes  JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtLoadDriver              77BA4A64 5 Bytes  JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtOpenFile                77BA4BB4 5 Bytes  JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtProtectVirtualMemory    77BA4D34 5 Bytes  JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtSetInformationProcess   77BA5324 5 Bytes  JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtUnloadDriver            77BA5574 5 Bytes  JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtWriteVirtualMemory      77BA5674 5 Bytes  JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!NtCreateUserProcess       77BA5804 5 Bytes  JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ntdll.dll!RtlAllocateHeap           77BA6570 5 Bytes  JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateProcessW         76221BF3 5 Bytes  JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateProcessA         76221C28 5 Bytes  JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!VirtualProtect         76221DC3 5 Bytes  JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!OpenFile               7622355A 5 Bytes  JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileW              7622A2F2 5 Bytes  JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileExW            76230211 7 Bytes  JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileW              76230299 5 Bytes  JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!DeleteFileW            7623F4B6 5 Bytes  JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!DeleteFileA            7623F5D2 5 Bytes  JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileWithProgressW  762410A4 5 Bytes  JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileExW            762410C8 5 Bytes  JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryExW         76249109 7 Bytes  JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryW           76249362 5 Bytes  JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryExA         762494B4 5 Bytes  JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadLibraryA           762494DC 5 Bytes  JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!GetProcAddress         7626903B 5 Bytes  JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!GetModuleHandleA       762692A5 5 Bytes  JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!GetModuleHandleW       7626A804 5 Bytes  JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateFileW            7626AECB 5 Bytes  JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CreateFileA            7626CE5F 5 Bytes  JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileExA            76270F0A 5 Bytes  JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileWithProgressA  76270F2A 5 Bytes  JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileA              76272433 5 Bytes  JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!MoveFileA              762AF641 5 Bytes  JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!CopyFileExA            762B19F9 5 Bytes  JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!WinExec                762B5CF7 5 Bytes  JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] kernel32.dll!LoadModule             762B5E4F 5 Bytes  JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!OpenServiceA           77CF2EBD 7 Bytes  JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!OpenServiceW           77CF8354 7 Bytes  JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!CreateServiceW         77D19EB4 7 Bytes  JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ADVAPI32.dll!CreateServiceA         77D572A1 7 Bytes  JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] USER32.dll!EndTask                  7790AD32 5 Bytes  JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteW           764F9725 5 Bytes  JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteExW         7654C135 5 Bytes  JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteEx          766F9FE2 5 Bytes  JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] shell32.dll!ShellExecuteA           766FA07D 5 Bytes  JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ole32.dll!CoGetClassObject          7633FABC 5 Bytes  JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text           D:\cartella ivan personale\IVAN'S FILE\Software & Driver 2009\Kit Utility Force\AntiMalware software\Emergency Tools\small urgenty kit\3zc9qcqt.exe[102048] ole32.dll!CoCreateInstanceEx        76359EE9 5 Bytes  JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                                                                           [74B97817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                                                                            [74BEA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                                                                        [74B9BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                                                                                  [74B8F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                                                                            [74B975E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                                                                         [74B8E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                                                                             [74BC8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                                                                                [74B9DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                                                                        [74B8FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                                                                         [74B8FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                                                                          [74B871CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                                                                                  [74C1CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                                                                                     [74BBC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                                                                        [74B8D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                                                                                  [74B86853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                                                                                 [74B8687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                                                                                    [74B92AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                                                                                                     [00482300] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread]                                                                                         [00481B30] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                                                                                                   [00482690] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Windows\Explorer.EXE[2028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                                                                                                     [00481290] C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                                                                                [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                                                                                  [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW]                                                                                  [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA]                                                                              [00443D00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                                                                                  [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                                                                              [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]                                                                                [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA]                                                                            [00443D00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]                                                                              [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                                                                                [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW]                                                                                [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                                                                                [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                                                                                  [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW]                                                                                  [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                                                                                  [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                                                                                 [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                                                                                 [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA]                                                                             [00443D00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]                                                                               [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                                                                                 [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                                                                               [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [GDI32.dll!DeleteObject]                                                                                    [00442EB0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetSysColor]                                                                                    [00442E60] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!RegisterClassW]                                                                                 [00443880] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!RegisterClassA]                                                                                 [004437C0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW]                                                                                 [00443320] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA]                                                                                 [00443290] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                                                                               [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                                                                                 [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                                                                               [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                                                                                 [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                                                                                 [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!DeleteObject]                                                                                    [00442EB0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx]                                                                             [00443A20] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CallWindowProcW]                                                                                [00443150] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetScrollInfo]                                                                                  [004430E0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW]                                                                          [00443940] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DrawEdge]                                                                                       [00443B80] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DrawFrameControl]                                                                               [00443BA0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColorBrush]                                                                               [00442EF0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColor]                                                                                    [00442E60] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!RegisterClassW]                                                                                 [00443880] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect]                                                                                       [00443B30] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DefWindowProcW]                                                                                 [00443320] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetScrollInfo]                                                                                  [00442FD0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [GDI32.dll!DeleteObject]                                                                                      [00442EB0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread]                                                                                   [00443730] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                                                                                 [00443CC0] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                                                                                   [00443C40] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                                                                                   [00443C00] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                                                                                 [00443D90] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!SystemParametersInfoW]                                                                            [00443940] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!GetSysColor]                                                                                      [00442E60] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!CallWindowProcW]                                                                                  [00443150] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!RegisterClassW]                                                                                   [00443880] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)
IAT             C:\Program Files\Comodo\VEngine\VEngine.exe[4456] @ C:\Windows\system32\ole32.dll [USER32.dll!DefWindowProcW]                                                                                   [00443320] C:\Program Files\Comodo\VEngine\VEngine.exe (Verification Engine/Comodo CA Ltd.)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                                                                                         Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                                                                                         Wdf01000.sys (WDF dinamico/Microsoft Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                                                                                         cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice  \Driver\tdx \Device\Udp                                                                                                                                                                         cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice  \Driver\tdx \Device\RawIp                                                                                                                                                                       cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- Processes - GMER 1.0.15 ----

Process         hidden process (*** hidden *** )                                                                                                                                                                4908                                                                                                                                                                 
Process         hidden process (*** hidden *** )                                                                                                                                                                4948                                                                                                                                                                 
Process         hidden process (*** hidden *** )                                                                                                                                                                17628                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                19600                                                                                                                                                                
Process         wmpnscfg.exe (*** hidden *** )                                                                                                                                                                  26248                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                36456                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                36484                                                                                                                                                                
Process         hidden process (*** hidden *** )                                                                                                                                                                36512                                                                                                                                                                

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                                                                 78733

---- EOF - GMER 1.0.15 ----
ivant87 è offline   Rispondi citando il messaggio o parte di esso
Old 01-05-2010, 09:58   #309
lalloghin
Junior Member
 
Iscritto dal: May 2010
Messaggi: 15
boot frblsf
Ciao a tutti. Ho questo problema:
Ieri il PC si blocca ed in ripartenza appare la finestra CHIPAWAYVIRUS con quello che ne segue.
Cerco su Google 'chipaway...', e intanto faccio girare Gmer, c'è un hidden service in rosso segnalato come Rootkit:

Service (*** hidden *** ) [BOOT] frblsf <-- ROOTKIT !!!

faccio la scansione completa e sulla prima videata di gmer resta solo questa voce\linea rossa e, al momento del tentativo di delete (GIUSTAMENTE CREDO), gmer mi dice che potrei mandare a rotoli l'intero sistema in quanto boot.

Intanto applico MBr.exe (che trova un rootkit) e poi mbr.exe -f che mi segnala che il rootkit è stato eliminato con successo.

Riavvio il sistema, e CHIPAWAY.... è scomparso, rilancio quindi gmer... ma il 'rootkit' frblsf è ancora lì.....
Cerco su Google ma nulla corrisponde alla sigla frblsf

Il breve Log iniziale (non quello totale) lo allego.

Come mi devo comportare per non rischiare di schiantare il sistema?
Allegati
File Type: txt gmer.txt (1.3 KB, 2 visite)
lalloghin è offline   Rispondi citando il messaggio o parte di esso
Old 01-05-2010, 19:53   #310
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Quote:
Originariamente inviato da lalloghin Guarda i messaggi
Ciao a tutti. Ho questo problema:
Ieri il PC si blocca ed in ripartenza appare la finestra CHIPAWAYVIRUS con quello che ne segue.
Cerco su Google 'chipaway...', e intanto faccio girare Gmer, c'è un hidden service in rosso segnalato come Rootkit:

Service (*** hidden *** ) [BOOT] frblsf <-- ROOTKIT !!!

faccio la scansione completa e sulla prima videata di gmer resta solo questa voce\linea rossa e, al momento del tentativo di delete (GIUSTAMENTE CREDO), gmer mi dice che potrei mandare a rotoli l'intero sistema in quanto boot.

Intanto applico MBr.exe (che trova un rootkit) e poi mbr.exe -f che mi segnala che il rootkit è stato eliminato con successo.

Riavvio il sistema, e CHIPAWAY.... è scomparso, rilancio quindi gmer... ma il 'rootkit' frblsf è ancora lì.....
Cerco su Google ma nulla corrisponde alla sigla frblsf

Il breve Log iniziale (non quello totale) lo allego.

Come mi devo comportare per non rischiare di schiantare il sistema?
Ciao, segui esattamente quanto indicato in questa Guida http://www.hwupgrade.it/forum/showthread.php?t=1715546 solo dopo aver fatto girare questo tool:

http://support.kaspersky.com/downloa...tdsskiller.zip scompatta l'archivio ed esegui TDSSKiller.exe al termine allega il log, che trovi in C:\TDSSKiller..................log.txt

I log per il controllo andranno allegati secondo le modalità, dove appena indicato.
__________________
Try again and you will be luckier.
Ultima modifica di Chill-Out : 01-05-2010 alle 20:19.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 18-05-2010, 10:00   #311
xcdegasp
Moderatore
 
L'Avatar di xcdegasp
 
Iscritto dal: Nov 2001
Città: Fidenza(pr) da Trento
Messaggi: 27465
Quote:
Originariamente inviato da c.m.g Guarda i messaggi
salve ragazzi,
ho pensato di aprire un tread ufficiale per l'analisi dei log di gmer e per parlare di tutto quello che riguarda questo software antirootkit.
ci sono un sacco di tread dispersivi ma con questo si aiuterà più velocemente chi cerca info a riguardo.
questo software serve per scovare eventuali rootkit malevoli nonchè anche gli ADS (alternate data stream) nei vostri pc.


NOTA BENE:

non mi assumo nessuna responsabilità su danni hardware e/o software e dati che possono avvenire per l'uso di questo software. alcune funzioni di questo programma possono produrre effetti di crash di sistema specie se il servizio terminato riguarda il sistema operativo che state utilizzando. usate tale software a vostro rischio e pericolo. questo tread ha il solo scopo informativo e non mi assumo responsabilità su eventuali imprecisioni che vi sono all'interno, se notate qualcosa di incongruente sulle informazioni contenute in questo tread provvedete a segnalarmelo tramite messaggio privato ed io provvederò ad aggiornare il post.

saluti

c.m.g
Piccola nota informativa:
http://www.hwupgrade.it/forum/showpo...&postcount=635
xcdegasp è offline   Rispondi citando il messaggio o parte di esso
Old 10-12-2010, 17:17   #312
AlexGOD
Senior Member
 
L'Avatar di AlexGOD
 
Iscritto dal: Mar 2003
Città: Napoli
Messaggi: 320
Scusate ma credo di aver bisogno di aiuto

Ho un Win 7 64 bit e sto facendo una "normale" scansione approfondita, seguendo la guida per infetti, per togliermi qualche dubbio sull'integrità del mio sistema.

Sono venute fuori solo piccole cose che dovrei aver debellato (poi aprirò un apposito topic per chiedere consiglio), però sul gmer ho qualche dubbio.

Ho eseguito gmer due volte e mi ha dato l'impressione di non funzionare bene:
- non mi permette di selezionare tutte le opzioni (System, Sections, ecc.), le uniche sono Services, Registry, File e ADS.
- non apre nessun log alla fine e l'unica cosa che produce sono due righe scritte in nero su voci di registro:

Codice:
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-10 17:57:06
Windows 6.1.7600  
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90840df1db7b                      
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90840df1db7b (not active ControlSet)  

---- EOF - GMER 1.0.15 ----
Non convinto riscarico il gmer.zip dal sito ufficiale e lo rilancio.
A questo punto esce (nella fase di avvio) un messaggio su un Rootkit rilevato (ma poi non appare nessuna scritta) e dopo aver lanciato la scansione completa vengono fuori, di nuovo e solo quelle due righe di cui sopra!

__________________
Pcs are like air conditioners: they stop working when you open windows
AlexGOD è offline   Rispondi citando il messaggio o parte di esso
Old 10-12-2010, 19:10   #313
Gonzalo Jiménez De Quesada
Bannato
 
Iscritto dal: Feb 2010
Messaggi: 36
scusate sto seguendo la procedura per gli infetti anche se non ho trovato grandi riscontri e come ho appena fatto per hijackthis vi posto il log, soerando di aver capito come si fa

Codice:
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-10 19:40:23
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ASUS-JM_S41_SSD rev.02.10102
Running: gmer.exe; Driver: C:\DOCUME~1\ALESSA~1\IMPOST~1\Temp\kxtdapoc.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwAllocateVirtualMemory [0xA9E6EF60]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwAssignProcessToJobObject [0xA9E6EAF0]
SSDT            F7BC4446                                                                                              ZwCreateKey
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwCreateThread [0xA9E6EB40]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDebugActiveProcess [0xA9E6EF10]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDeleteKey [0xA9E6E810]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDeleteValueKey [0xA9E6E8D0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDuplicateObject [0xA9E6F180]
SSDT            sptd.sys                                                                                              ZwEnumerateKey [0xF73B9C22]
SSDT            sptd.sys                                                                                              ZwEnumerateValueKey [0xF73B9F9A]
SSDT            F7BC445A                                                                                              ZwLoadKey
SSDT            sptd.sys                                                                                              ZwOpenKey [0xF73B998E]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwOpenProcess [0xA9E6F490]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwOpenSection [0xA9E6ECD0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwOpenThread [0xA9E6F320]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwProtectVirtualMemory [0xA9E6EBE0]
SSDT            sptd.sys                                                                                              ZwQueryKey [0xF73BA064]
SSDT            sptd.sys                                                                                              ZwQueryValueKey [0xF73B9EFC]
SSDT            F7BC4464                                                                                              ZwReplaceKey
SSDT            F7BC445F                                                                                              ZwRestoreKey
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwSetContextThread [0xA9E6EAA0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwSetValueKey [0xA9E6E9B0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwSystemDebugControl [0xA9E6EE80]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwTerminateProcess [0xA9E6F630]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwTerminateThread [0xA9E6EC80]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwWriteVirtualMemory [0xA9E6F000]

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwCallbackReturn + 2C30                                                                  805044CC 4 Bytes  JMP 189CA9E6 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2CE0                                                                  8050457C 4 Bytes  CALL C9A4EF67 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2CE8                                                                  80504584 4 Bytes  CALL 129AEF6F 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2F38                                                                  805047D4 4 Bytes  JMP 5F96A9E6 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2FC0                                                                  8050485C 4 Bytes  JMP 4144F247 
?               C:\WINDOWS\system32\drivers\sptd.sys                                                                  Impossibile accedere al file. Il file è utilizzato da un altro processo.
?               C:\WINDOWS\System32\Drivers\SPTD7101.SYS                                                              Impossibile accedere al file. Il file è utilizzato da un altro processo.

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                    [F73B5AD2] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                            [F73B5C0E] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                   [F73B5B96] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                           [F73B676C] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                   [F73B6642] sptd.sys
IAT             \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                    [F73D8056] sptd.sys

---- Devices - GMER 1.0.15 ----

Device                                                                                                                865C70E8
Device                                                                                                                Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device                                                                                                                8629D620
Device                                                                                                                Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device          \Driver\NetBT \Device\NetBT_Tcpip_{AD1C735E-138F-47BC-A77D-151E9879176F}                              863726C0

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                             pxrts.sys (Prevx Realtime Security/Prevx)

Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                865C8940
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                865C8940
Device          \FileSystem\Rdbss \Device\FsWrap                                                                      8630E630
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                           [F732FB40] atapi.sys[unknown section] {MOV EAX, 0x865c85a8; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf73c9e12; RET }
Device          \Driver\atapi \Device\Ide\IdePort0                                                                    [F732FB40] atapi.sys[unknown section] {MOV EAX, 0x865c85a8; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf73c9e12; RET }
Device          \Driver\atapi \Device\Ide\IdePort1                                                                    [F732FB40] atapi.sys[unknown section] {MOV EAX, 0x865c85a8; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf73c9e12; RET }
Device          \Driver\USBSTOR \Device\00000074                                                                      86493518
Device          \Driver\USBSTOR \Device\00000076                                                                      86493518
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                               863726C0
Device          \Driver\NetBT \Device\NetbiosSmb                                                                      863726C0
Device          \Driver\Disk \Device\Harddisk0\DR0                                                                    865C83D0
Device          \Driver\Disk \Device\Harddisk1\DR3                                                                    865C83D0
Device          \Driver\Disk \Device\Harddisk1\DP(1)0-0+4                                                             865C83D0
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                     862ECC38
Device          \FileSystem\Npfs \Device\NamedPipe                                                                    863BF8B0
Device          \Driver\Ftdisk \Device\FtControl                                                                      865C8940
Device          \FileSystem\Msfs \Device\Mailslot                                                                     862AF5A0

AttachedDevice                                                                                                        fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s0                                                    -1712133270
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                    -1508707979
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                    -1354767248
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                    1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                   0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                0xDE 0x33 0x4F 0xFC ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0xDE 0x33 0x4F 0xFC ...

---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-10 19:40:23
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ASUS-JM_S41_SSD rev.02.10102
Running: gmer.exe; Driver: C:\DOCUME~1\ALESSA~1\IMPOST~1\Temp\kxtdapoc.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwAllocateVirtualMemory [0xA9E6EF60]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwAssignProcessToJobObject [0xA9E6EAF0]
SSDT            F7BC4446                                                                                              ZwCreateKey
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwCreateThread [0xA9E6EB40]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDebugActiveProcess [0xA9E6EF10]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDeleteKey [0xA9E6E810]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDeleteValueKey [0xA9E6E8D0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwDuplicateObject [0xA9E6F180]
SSDT            sptd.sys                                                                                              ZwEnumerateKey [0xF73B9C22]
SSDT            sptd.sys                                                                                              ZwEnumerateValueKey [0xF73B9F9A]
SSDT            F7BC445A                                                                                              ZwLoadKey
SSDT            sptd.sys                                                                                              ZwOpenKey [0xF73B998E]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwOpenProcess [0xA9E6F490]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwOpenSection [0xA9E6ECD0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwOpenThread [0xA9E6F320]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwProtectVirtualMemory [0xA9E6EBE0]
SSDT            sptd.sys                                                                                              ZwQueryKey [0xF73BA064]
SSDT            sptd.sys                                                                                              ZwQueryValueKey [0xF73B9EFC]
SSDT            F7BC4464                                                                                              ZwReplaceKey
SSDT            F7BC445F                                                                                              ZwRestoreKey
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwSetContextThread [0xA9E6EAA0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwSetValueKey [0xA9E6E9B0]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwSystemDebugControl [0xA9E6EE80]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwTerminateProcess [0xA9E6F630]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwTerminateThread [0xA9E6EC80]
SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                ZwWriteVirtualMemory [0xA9E6F000]

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwCallbackReturn + 2C30                                                                  805044CC 4 Bytes  JMP 189CA9E6 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2CE0                                                                  8050457C 4 Bytes  CALL C9A4EF67 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2CE8                                                                  80504584 4 Bytes  CALL 129AEF6F 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2F38                                                                  805047D4 4 Bytes  JMP 5F96A9E6 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2FC0                                                                  8050485C 4 Bytes  JMP 4144F247 
?               C:\WINDOWS\system32\drivers\sptd.sys                                                                  Impossibile accedere al file. Il file è utilizzato da un altro processo.
?               C:\WINDOWS\System32\Drivers\SPTD7101.SYS                                                              Impossibile accedere al file. Il file è utilizzato da un altro processo.

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                    [F73B5AD2] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                            [F73B5C0E] sptd.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                   [F73B5B96] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                           [F73B676C] sptd.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                   [F73B6642] sptd.sys
IAT             \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                    [F73D8056] sptd.sys

---- Devices - GMER 1.0.15 ----

Device                                                                                                                865C70E8
Device                                                                                                                Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device                                                                                                                8629D620
Device                                                                                                                Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device          \Driver\NetBT \Device\NetBT_Tcpip_{AD1C735E-138F-47BC-A77D-151E9879176F}                              863726C0

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                             pxrts.sys (Prevx Realtime Security/Prevx)

Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                865C8940
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                865C8940
Device          \FileSystem\Rdbss \Device\FsWrap                                                                      8630E630
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                           [F732FB40] atapi.sys[unknown section] {MOV EAX, 0x865c85a8; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf73c9e12; RET }
Device          \Driver\atapi \Device\Ide\IdePort0                                                                    [F732FB40] atapi.sys[unknown section] {MOV EAX, 0x865c85a8; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf73c9e12; RET }
Device          \Driver\atapi \Device\Ide\IdePort1                                                                    [F732FB40] atapi.sys[unknown section] {MOV EAX, 0x865c85a8; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf73c9e12; RET }
Device          \Driver\USBSTOR \Device\00000074                                                                      86493518
Device          \Driver\USBSTOR \Device\00000076                                                                      86493518
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                               863726C0
Device          \Driver\NetBT \Device\NetbiosSmb                                                                      863726C0
Device          \Driver\Disk \Device\Harddisk0\DR0                                                                    865C83D0
Device          \Driver\Disk \Device\Harddisk1\DR3                                                                    865C83D0
Device          \Driver\Disk \Device\Harddisk1\DP(1)0-0+4                                                             865C83D0
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                     862ECC38
Device          \FileSystem\Npfs \Device\NamedPipe                                                                    863BF8B0
Device          \Driver\Ftdisk \Device\FtControl                                                                      865C8940
Device          \FileSystem\Msfs \Device\Mailslot                                                                     862AF5A0

AttachedDevice                                                                                                        fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s0                                                    -1712133270
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                    -1508707979
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                    -1354767248
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                    1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                   0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                0xDE 0x33 0x4F 0xFC ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                       0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                    0xDE 0x33 0x4F 0xFC ...

---- EOF - GMER 1.0.15 ----
Gonzalo Jiménez De Quesada è offline   Rispondi citando il messaggio o parte di esso
Old 10-12-2010, 22:06   #314
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Quote:
Originariamente inviato da Gonzalo Jiménez De Quesada Guarda i messaggi
scusate sto seguendo la procedura per gli infetti anche se non ho trovato grandi riscontri e come ho appena fatto per hijackthis vi posto il log, soerando di aver capito come si fa
Dal momento che stai seguendo la Guida attendiamo tutti i log allegati correttamente ed in sezione idoena, così da avere una visione di insieme.
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 11-12-2010, 15:53   #315
Gonzalo Jiménez De Quesada
Bannato
 
Iscritto dal: Feb 2010
Messaggi: 36
Quote:
Originariamente inviato da Chill-Out Guarda i messaggi
Dal momento che stai seguendo la Guida attendiamo tutti i log allegati correttamente ed in sezione idoena, così da avere una visione di insieme.
ah ok, mi sembra più giusto effettivamente.
dove vi posto tutti i log?
Gonzalo Jiménez De Quesada è offline   Rispondi citando il messaggio o parte di esso
Old 15-12-2010, 11:18   #316
Skorpione63
Junior Member
 
Iscritto dal: Dec 2010
Messaggi: 3
voci in rosso in GMER
Salve,ho effettuato una scansione completa del mio sistema con GMER.Il risultato della scansione mi mostra tutto in rosso nella sezione REGISTRY, in LOCAL_MACHINE, nella cartella SAM e nelle sottocartelle DOMAINS e RXACT,cosi' come nella cartella SECURITY e nelle sottocartelle CACHE POLICY e RXACT.La cosa strana e' che ho eseguito REGEDIT,aperto LOCAL_MACHINE e sono andato a controllare le cartelle SAM e SECURITY e non ho trovato nessuna delle svariate sottocartelle che comparivano su GMER.Gentilmente, potete aiutarmi a capire se il mio computer e' infetto e come posso fare per ripulire il sistema?Grazie a tutti di cuore in anticipo.

qui c'e' il log di GMER http://wikisend.com/download/407654/gmer.log
Skorpione63 è offline   Rispondi citando il messaggio o parte di esso
Old 15-12-2010, 15:03   #317
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Quote:
Originariamente inviato da Skorpione63 Guarda i messaggi
Salve,ho effettuato una scansione completa del mio sistema con GMER.Il risultato della scansione mi mostra tutto in rosso nella sezione REGISTRY, in LOCAL_MACHINE, nella cartella SAM e nelle sottocartelle DOMAINS e RXACT,cosi' come nella cartella SECURITY e nelle sottocartelle CACHE POLICY e RXACT.La cosa strana e' che ho eseguito REGEDIT,aperto LOCAL_MACHINE e sono andato a controllare le cartelle SAM e SECURITY e non ho trovato nessuna delle svariate sottocartelle che comparivano su GMER.Gentilmente, potete aiutarmi a capire se il mio computer e' infetto e come posso fare per ripulire il sistema?Grazie a tutti di cuore in anticipo.

qui c'e' il log di GMER http://wikisend.com/download/407654/gmer.log
Dal log non emerge nulla è pulito.
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 16-12-2010, 11:38   #318
Skorpione63
Junior Member
 
Iscritto dal: Dec 2010
Messaggi: 3
[quote=Chill-Out;33934342]Dal log non emerge nulla è pulito

Ciao, come si spiega il fatto che mi da' in rosso queste sottocartelle? Tra l'altro, ho cercato queste sottocartelle nel registro di sistema e' risultano inesistenti! Grazie per la risposta.
Ultima modifica di Skorpione63 : 16-12-2010 alle 11:52.
Skorpione63 è offline   Rispondi citando il messaggio o parte di esso
Old 17-12-2010, 18:12   #319
Chill-Out
Moderatore
 
L'Avatar di Chill-Out
 
Iscritto dal: Jun 2007
Città: 127.0.0.1
Messaggi: 25885
Quote:
Originariamente inviato da Skorpione63 Guarda i messaggi
Ciao, come si spiega il fatto che mi da' in rosso queste sottocartelle? Tra l'altro, ho cercato queste sottocartelle nel registro di sistema e' risultano inesistenti! Grazie per la risposta.
Perchè le chiavi sono nascoste e non disponi dei permessi per accedervi.
__________________
Try again and you will be luckier.
Chill-Out è offline   Rispondi citando il messaggio o parte di esso
Old 15-01-2011, 09:46   #320
AnywhereMX
Junior Member
 
Iscritto dal: Jan 2011
Messaggi: 9
Ciao a tutti =)
In questi giorni,"a pelle" il mio notebook mi sembra sia diventato abbastanza lento rispetto a pochi giorni prima. Ho fatto una scansione con GMER,ecco il log:
http://www.mediafire.com/?qy193g97gvsni20
Grazie in anticipo
AnywhereMX è offline   Rispondi citando il messaggio o parte di esso
Pagina 16 di 19 « Prima < 6 12 13 14 15 16 17 18 19 >
 Rispondi

« Discussione precedente | Discussione successiva »

ASUS ProArt PA32UCXR: 4K, Quantum Dot e Mini-LED i per professionisti dell'immagine ASUS ProArt PA32UCXR: 4K, Quantum Dot e Mini-LED...
HUAWEI WATCH FIT 3: lo smartwatch che ridefinisce design e fitness! Recensione HUAWEI WATCH FIT 3: lo smartwatch che ridefinisc...
HONOR 200 Lite, lo smartphone economico per ritratti, selfie, e non solo. La recensione HONOR 200 Lite, lo smartphone economico per ritr...
MG4, due settimane al volante dell'elettrica popolare: pregi, difetti e autonomia MG4, due settimane al volante dell'elettrica pop...
Tre giorni in Finlandia con OnePlus Watch 2 Nordic Blue. La nostra prova a temperature estreme Tre giorni in Finlandia con OnePlus Watch 2 Nord...
La missione cinese Chang'e-6 è en...
Boeing CST-100 Starliner: il lancio dell...
Un'altra GPU cinese raggiunge la produzi...
iPad Air non è più il tabl...
Minisforum AtomMan X7 Ti: il Mini PC da ...
iPad Pro: i nuovi modelli hanno tantissi...
Ecco come Cubbit DS3 ha permesso a Cloud...
Ring presenta Pan-Tilt Indoor Camera, la...
Apple elimina iPad 9 dalla gamma, ma ade...
Tante novità per ho.mobile: raddo...
ASUS svelerà il suo primo noteboo...
Indovinate qual è la novità...
Non solo Seagate Barracuda 8TB a 135€: p...
Niente adesivi Apple nelle confezioni de...
ByteDance contro il governo USA per legg...
Chromium
GPU-Z
OCCT
LibreOffice Portable
Opera One Portable
Opera One 106
CCleaner Portable
CCleaner Standard
Cpu-Z
Driver NVIDIA GeForce 546.65 WHQL
SmartFTP
Trillian
Google Chrome Portable
Google Chrome 120
VirtualBox
Tutti gli articoli Tutte le news Tutti i download

Strumenti

Regole
Non Puoi aprire nuove discussioni
Non Puoi rispondere ai messaggi
Non Puoi allegare file
Non Puoi modificare i tuoi messaggi
Il codice vB è On
Le Faccine sono On
Il codice [IMG] è On
Il codice HTML è Off
Vai al Forum


Tutti gli orari sono GMT +1. Ora sono le: 15:40.

Contattaci - Hardware Upgrade - Archivio - Note sulla Privacy - Su

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Served by www1v