API tools faq
paste
Advertisement
Guest User

GMER log 20.07.2012

a guest
Jul 22nd, 2012
134
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 97.90 KB | None | 0 0
raw download clone embed print report
  1. GMER 1.0.15.15641 - http://www.gmer.net
  2. Rootkit scan 2012-07-20 15:15:07
  3. Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD321KJ rev.CP100-10
  4. Running: j7d9qpcq.exe; Driver: C:\DOCUME~1\T4bzZ\USTAWI~1\Temp\ugrdrpob.sys
  5.  
  6.  
  7. ---- System - GMER 1.0.15 ----
  8.  
  9. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xB3DB0824]
  10. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwAllocateVirtualMemory [0xB3D1EF60]
  11. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwAssignProcessToJobObject [0xB3D1EAF0]
  12. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xB3DAFDD0]
  13. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xB3DB048A]
  14. SSDT \SystemRoot\system32\DRIVERS\CFRMD.sys (Safe Deletion Driver/Windows (R) Win 7 DDK provider) ZwCreateKey [0xF758989E]
  15. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xB3DB2C26]
  16. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xB3DB2FA4]
  17. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwCreateThread [0xB3D1EB40]
  18. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwDebugActiveProcess [0xB3D1EF10]
  19. SSDT \SystemRoot\system32\DRIVERS\CFRMD.sys (Safe Deletion Driver/Windows (R) Win 7 DDK provider) ZwDeleteKey [0xF75898B0]
  20. SSDT \SystemRoot\system32\DRIVERS\CFRMD.sys (Safe Deletion Driver/Windows (R) Win 7 DDK provider) ZwDeleteValueKey [0xF758F490]
  21. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwDuplicateObject [0xB3D1F180]
  22. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateKey [0xB3DB1830]
  23. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateValueKey [0xB3DB1A86]
  24. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xB3DB2658]
  25. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xB3DB0098]
  26. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xB3DB0666]
  27. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenKey [0xB3DB1052]
  28. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwOpenProcess [0xB3D1F490]
  29. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwOpenSection [0xB3D1ECD0]
  30. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwOpenThread [0xB3D1F320]
  31. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwProtectVirtualMemory [0xB3D1EBE0]
  32. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryKey [0xB3DB1C94]
  33. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryMultipleValueKey [0xB3DB20E8]
  34. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryValueKey [0xB3DB1EA6]
  35. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xB3DB15C8]
  36. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwSetContextThread [0xB3D1EAA0]
  37. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xB3DB0E76]
  38. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xB3DB2944]
  39. SSDT \SystemRoot\system32\DRIVERS\CFRMD.sys (Safe Deletion Driver/Windows (R) Win 7 DDK provider) ZwSetValueKey [0xF758F688]
  40. SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xB3DB0002]
  41. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwSystemDebugControl [0xB3D1EE80]
  42. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwTerminateProcess [0xB3D1F630]
  43. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwTerminateThread [0xB3D1EC80]
  44. SSDT \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx) ZwWriteVirtualMemory [0xB3D1F000]
  45.  
  46. ---- Kernel code sections - GMER 1.0.15 ----
  47.  
  48. .text ntoskrnl.exe!ZwYieldExecution + C2 804E491C 4 Bytes [F0, EA, D1, B3]
  49. .text ntoskrnl.exe!ZwYieldExecution + 3CA 804E4C24 4 Bytes [A0, EA, D1, B3]
  50. .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB71583A0, 0x88C445, 0xE8000020]
  51. .text win32k.sys!EngAcquireSemaphore + 20EE BF808302 5 Bytes JMP B3DB4638 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  52. .text win32k.sys!EngFreeUserMem + 674 BF80992D 5 Bytes JMP B3DB54D4 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  53. .text win32k.sys!EngFreeUserMem + 5BD5 BF80EE8E 5 Bytes JMP B3DB49AE \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  54. .text win32k.sys!EngDeleteSurface + 45 BF813921 5 Bytes JMP B3DB5D80 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  55. .text win32k.sys!BRUSHOBJ_pvAllocRbrush + 11D3 BF81C58B 5 Bytes JMP B3DB4E8E \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  56. .text win32k.sys!EngSetLastError + 79A8 BF8240FB 5 Bytes JMP B3DB437E \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  57. .text win32k.sys!EngCreateBitmap + F9C BF828A65 5 Bytes JMP B3DB5614 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  58. .text win32k.sys!EngCreateBitmap + 138F BF828E58 5 Bytes JMP B3DB407A \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  59. .text win32k.sys!EngUnmapFontFileFD + B687 BF839EE7 7 Bytes JMP B3DB5C3A \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  60. .text win32k.sys!FONTOBJ_pxoGetXform + 84ED BF851775 5 Bytes JMP B3DB451C \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  61. .text win32k.sys!XLATEOBJ_iXlate + F17 BF85BCAA 7 Bytes JMP B3DB4D3A \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  62. .text win32k.sys!XLATEOBJ_iXlate + 2EDB BF85DC6E 5 Bytes JMP B3DB47F2 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  63. .text win32k.sys!EngCreatePalette + 88 BF85F612 5 Bytes JMP B3DB5DBE \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  64. .text win32k.sys!EngGetLastError + 1606 BF890E16 5 Bytes JMP B3DB5B0A \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  65. .text win32k.sys!EngGradientFill + 26EE BF8943C1 5 Bytes JMP B3DB58A0 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  66. .text win32k.sys!EngCopyBits + 3862 BF89C24E 5 Bytes JMP B3DB4FF2 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  67. .text win32k.sys!EngTextOut + 59C7 BF8AAF3E 5 Bytes JMP B3DB420A \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  68. .text win32k.sys!EngEraseSurface + A9E0 BF8C1D20 7 Bytes JMP B3DB4BB6 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  69. .text win32k.sys!EngFillPath + 1517 BF8CA1B1 5 Bytes JMP B3DB5254 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  70. .text win32k.sys!EngFillPath + 1797 BF8CA431 7 Bytes JMP B3DB59E6 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  71. .text win32k.sys!EngDeleteSemaphore + 3AFB BF8EBDB4 5 Bytes JMP B3DB6054 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  72. .text win32k.sys!EngCreateClip + 2603 BF914EB8 5 Bytes JMP B3DB534C \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  73. .text win32k.sys!EngCreateClip + 4F7C BF917831 7 Bytes JMP B3DB5156 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  74. .text win32k.sys!EngPlgBlt + 1947 BF947980 7 Bytes JMP B3DB5760 \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)
  75.  
  76. ---- User code sections - GMER 1.0.15 ----
  77.  
  78. .text C:\WINDOWS\Explorer.EXE[320] ntdll.dll!NtWriteFile 7C90DF7E 5 Bytes JMP 022A7B40 C:\WINDOWS\system32\PxSecure.dll (Prevx Security Library/Prevx)
  79. .text C:\WINDOWS\Explorer.EXE[320] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 022A7090 C:\WINDOWS\system32\PxSecure.dll (Prevx Security Library/Prevx)
  80. .text C:\WINDOWS\Explorer.EXE[320] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  81. .text C:\WINDOWS\Explorer.EXE[320] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  82. .text C:\WINDOWS\Explorer.EXE[320] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  83. .text C:\WINDOWS\Explorer.EXE[320] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  84. .text C:\WINDOWS\Explorer.EXE[320] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  85. .text C:\WINDOWS\Explorer.EXE[320] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  86. .text C:\WINDOWS\Explorer.EXE[320] USER32.dll!SetWindowTextW 7E37960E 5 Bytes JMP 022A7800 C:\WINDOWS\system32\PxSecure.dll (Prevx Security Library/Prevx)
  87. .text C:\WINDOWS\RTHDCPL.EXE[516] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  88. .text C:\WINDOWS\RTHDCPL.EXE[516] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  89. .text C:\WINDOWS\RTHDCPL.EXE[516] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  90. .text C:\WINDOWS\RTHDCPL.EXE[516] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  91. .text C:\WINDOWS\RTHDCPL.EXE[516] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  92. .text C:\WINDOWS\RTHDCPL.EXE[516] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  93. .text C:\WINDOWS\RTHDCPL.EXE[516] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  94. .text C:\WINDOWS\RTHDCPL.EXE[516] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  95. .text C:\WINDOWS\RTHDCPL.EXE[516] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  96. .text C:\WINDOWS\RTHDCPL.EXE[516] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  97. .text C:\WINDOWS\RTHDCPL.EXE[516] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  98. .text C:\WINDOWS\RTHDCPL.EXE[516] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  99. .text C:\WINDOWS\RTHDCPL.EXE[516] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  100. .text C:\WINDOWS\RTHDCPL.EXE[516] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  101. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 00A6D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  102. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [16, 84]
  103. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 00A7BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  104. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 00A7B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  105. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00A77DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  106. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00A6D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  107. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00A74F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  108. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00A75AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  109. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 00A73A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  110. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 00A74390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  111. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 00A78BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  112. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 00A78990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  113. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 00A79CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  114. .text F:\PROGRAMY\Logitech SetPoint\SetPointP\SetPoint.exe[524] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 00A79BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  115. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  116. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  117. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  118. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  119. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  120. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  121. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  122. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  123. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  124. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  125. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  126. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  127. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  128. .text C:\WINDOWS\system32\RUNDLL32.EXE[612] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  129. .text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[640] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 0077FC60 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
  130. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  131. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  132. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  133. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  134. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  135. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  136. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  137. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  138. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  139. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  140. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  141. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  142. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  143. .text C:\Documents and Settings\T4bzZ\Local Settings\Apps\F.lux\flux.exe[644] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  144. .text C:\WINDOWS\system32\ctfmon.exe[656] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  145. .text C:\WINDOWS\system32\ctfmon.exe[656] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  146. .text C:\WINDOWS\system32\ctfmon.exe[656] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  147. .text C:\WINDOWS\system32\ctfmon.exe[656] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  148. .text C:\WINDOWS\system32\ctfmon.exe[656] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  149. .text C:\WINDOWS\system32\ctfmon.exe[656] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  150. .text C:\WINDOWS\system32\ctfmon.exe[656] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  151. .text C:\WINDOWS\system32\ctfmon.exe[656] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  152. .text C:\WINDOWS\system32\ctfmon.exe[656] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  153. .text C:\WINDOWS\system32\ctfmon.exe[656] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  154. .text C:\WINDOWS\system32\ctfmon.exe[656] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  155. .text C:\WINDOWS\system32\ctfmon.exe[656] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  156. .text C:\WINDOWS\system32\ctfmon.exe[656] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  157. .text C:\WINDOWS\system32\ctfmon.exe[656] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  158. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  159. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  160. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  161. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  162. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  163. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  164. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  165. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  166. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  167. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  168. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  169. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  170. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  171. .text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[724] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  172. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  173. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  174. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  175. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  176. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  177. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  178. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  179. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  180. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  181. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  182. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  183. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  184. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  185. .text C:\Documents and Settings\T4bzZ\Dane aplikacji\Dropbox\bin\Dropbox.exe[816] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  186. .text C:\WINDOWS\system32\csrss.exe[996] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 10001450 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO)
  187. .text C:\WINDOWS\system32\csrss.exe[996] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 100017F0 C:\WINDOWS\system32\cmdcsr.dll (COMODO Internet Security/COMODO)
  188. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  189. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  190. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  191. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  192. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  193. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  194. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  195. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  196. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  197. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  198. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  199. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  200. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  201. .text C:\Documents and Settings\T4bzZ\Pulpit\j7d9qpcq.exe[1052] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  202. .text C:\WINDOWS\system32\services.exe[1068] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  203. .text C:\WINDOWS\system32\services.exe[1068] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  204. .text C:\WINDOWS\system32\services.exe[1068] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  205. .text C:\WINDOWS\system32\services.exe[1068] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  206. .text C:\WINDOWS\system32\services.exe[1068] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  207. .text C:\WINDOWS\system32\services.exe[1068] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  208. .text C:\WINDOWS\system32\services.exe[1068] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  209. .text C:\WINDOWS\system32\services.exe[1068] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  210. .text C:\WINDOWS\system32\services.exe[1068] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  211. .text C:\WINDOWS\system32\services.exe[1068] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  212. .text C:\WINDOWS\system32\services.exe[1068] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  213. .text C:\WINDOWS\system32\services.exe[1068] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  214. .text C:\WINDOWS\system32\services.exe[1068] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  215. .text C:\WINDOWS\system32\services.exe[1068] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  216. .text C:\WINDOWS\system32\services.exe[1068] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  217. .text C:\WINDOWS\system32\lsass.exe[1080] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  218. .text C:\WINDOWS\system32\lsass.exe[1080] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  219. .text C:\WINDOWS\system32\lsass.exe[1080] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  220. .text C:\WINDOWS\system32\lsass.exe[1080] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  221. .text C:\WINDOWS\system32\lsass.exe[1080] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  222. .text C:\WINDOWS\system32\lsass.exe[1080] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  223. .text C:\WINDOWS\system32\lsass.exe[1080] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  224. .text C:\WINDOWS\system32\lsass.exe[1080] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  225. .text C:\WINDOWS\system32\lsass.exe[1080] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  226. .text C:\WINDOWS\system32\lsass.exe[1080] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  227. .text C:\WINDOWS\system32\lsass.exe[1080] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  228. .text C:\WINDOWS\system32\lsass.exe[1080] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  229. .text C:\WINDOWS\system32\lsass.exe[1080] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  230. .text C:\WINDOWS\system32\lsass.exe[1080] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  231. .text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  232. .text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  233. .text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  234. .text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  235. .text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  236. .text C:\WINDOWS\system32\svchost.exe[1292] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  237. .text C:\WINDOWS\system32\svchost.exe[1292] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  238. .text C:\WINDOWS\system32\svchost.exe[1292] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  239. .text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  240. .text C:\WINDOWS\system32\svchost.exe[1292] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  241. .text C:\WINDOWS\system32\svchost.exe[1292] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  242. .text C:\WINDOWS\system32\svchost.exe[1292] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  243. .text C:\WINDOWS\system32\svchost.exe[1292] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  244. .text C:\WINDOWS\system32\svchost.exe[1292] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  245. .text C:\WINDOWS\system32\svchost.exe[1292] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  246. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  247. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  248. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  249. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  250. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  251. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  252. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  253. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  254. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  255. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  256. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  257. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  258. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  259. .text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[1312] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  260. .text C:\WINDOWS\system32\svchost.exe[1356] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  261. .text C:\WINDOWS\system32\svchost.exe[1356] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  262. .text C:\WINDOWS\system32\svchost.exe[1356] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  263. .text C:\WINDOWS\system32\svchost.exe[1356] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  264. .text C:\WINDOWS\system32\svchost.exe[1356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  265. .text C:\WINDOWS\system32\svchost.exe[1356] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  266. .text C:\WINDOWS\system32\svchost.exe[1356] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  267. .text C:\WINDOWS\system32\svchost.exe[1356] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  268. .text C:\WINDOWS\system32\svchost.exe[1356] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  269. .text C:\WINDOWS\system32\svchost.exe[1356] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  270. .text C:\WINDOWS\system32\svchost.exe[1356] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  271. .text C:\WINDOWS\system32\svchost.exe[1356] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  272. .text C:\WINDOWS\system32\svchost.exe[1356] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  273. .text C:\WINDOWS\system32\svchost.exe[1356] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  274. .text C:\WINDOWS\system32\svchost.exe[1356] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  275. .text C:\WINDOWS\system32\svchost.exe[1356] rpcss.dll!WhichService 76A64234 8 Bytes JMP ED501001
  276. .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1480] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00533F00 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
  277. .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1480] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 0054D9A0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
  278. .text C:\WINDOWS\system32\svchost.exe[1520] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  279. .text C:\WINDOWS\system32\svchost.exe[1520] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  280. .text C:\WINDOWS\system32\svchost.exe[1520] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  281. .text C:\WINDOWS\system32\svchost.exe[1520] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  282. .text C:\WINDOWS\system32\svchost.exe[1520] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  283. .text C:\WINDOWS\system32\svchost.exe[1520] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  284. .text C:\WINDOWS\system32\svchost.exe[1520] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  285. .text C:\WINDOWS\system32\svchost.exe[1520] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  286. .text C:\WINDOWS\system32\svchost.exe[1520] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  287. .text C:\WINDOWS\system32\svchost.exe[1520] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  288. .text C:\WINDOWS\system32\svchost.exe[1520] RPCRT4.dll!RpcServerRegisterIfEx 77E8CD53 5 Bytes JMP 1001F060 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  289. .text C:\WINDOWS\system32\svchost.exe[1520] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  290. .text C:\WINDOWS\system32\svchost.exe[1520] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  291. .text C:\WINDOWS\system32\svchost.exe[1520] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  292. .text C:\WINDOWS\system32\svchost.exe[1520] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  293. .text C:\WINDOWS\system32\svchost.exe[1588] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  294. .text C:\WINDOWS\system32\svchost.exe[1588] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  295. .text C:\WINDOWS\system32\svchost.exe[1588] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  296. .text C:\WINDOWS\system32\svchost.exe[1588] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  297. .text C:\WINDOWS\system32\svchost.exe[1588] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  298. .text C:\WINDOWS\system32\svchost.exe[1588] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  299. .text C:\WINDOWS\system32\svchost.exe[1588] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  300. .text C:\WINDOWS\system32\svchost.exe[1588] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  301. .text C:\WINDOWS\system32\svchost.exe[1588] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  302. .text C:\WINDOWS\system32\svchost.exe[1588] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  303. .text C:\WINDOWS\system32\svchost.exe[1588] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  304. .text C:\WINDOWS\system32\svchost.exe[1588] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  305. .text C:\WINDOWS\system32\svchost.exe[1588] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  306. .text C:\WINDOWS\system32\svchost.exe[1588] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  307. .text C:\WINDOWS\system32\svchost.exe[1676] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  308. .text C:\WINDOWS\system32\svchost.exe[1676] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  309. .text C:\WINDOWS\system32\svchost.exe[1676] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  310. .text C:\WINDOWS\system32\svchost.exe[1676] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  311. .text C:\WINDOWS\system32\svchost.exe[1676] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  312. .text C:\WINDOWS\system32\svchost.exe[1676] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  313. .text C:\WINDOWS\system32\svchost.exe[1676] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  314. .text C:\WINDOWS\system32\svchost.exe[1676] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  315. .text C:\WINDOWS\system32\svchost.exe[1676] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  316. .text C:\WINDOWS\system32\svchost.exe[1676] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  317. .text C:\WINDOWS\system32\svchost.exe[1676] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  318. .text C:\WINDOWS\system32\svchost.exe[1676] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  319. .text C:\WINDOWS\system32\svchost.exe[1676] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  320. .text C:\WINDOWS\system32\svchost.exe[1676] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  321. .text C:\WINDOWS\system32\svchost.exe[1732] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  322. .text C:\WINDOWS\system32\svchost.exe[1732] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  323. .text C:\WINDOWS\system32\svchost.exe[1732] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  324. .text C:\WINDOWS\system32\svchost.exe[1732] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  325. .text C:\WINDOWS\system32\svchost.exe[1732] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  326. .text C:\WINDOWS\system32\svchost.exe[1732] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  327. .text C:\WINDOWS\system32\svchost.exe[1732] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  328. .text C:\WINDOWS\system32\svchost.exe[1732] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  329. .text C:\WINDOWS\system32\svchost.exe[1732] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  330. .text C:\WINDOWS\system32\svchost.exe[1732] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  331. .text C:\WINDOWS\system32\svchost.exe[1732] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  332. .text C:\WINDOWS\system32\svchost.exe[1732] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  333. .text C:\WINDOWS\system32\svchost.exe[1732] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  334. .text C:\WINDOWS\system32\svchost.exe[1732] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  335. .text C:\WINDOWS\system32\spoolsv.exe[1828] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  336. .text C:\WINDOWS\system32\spoolsv.exe[1828] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  337. .text C:\WINDOWS\system32\spoolsv.exe[1828] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  338. .text C:\WINDOWS\system32\spoolsv.exe[1828] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  339. .text C:\WINDOWS\system32\spoolsv.exe[1828] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  340. .text C:\WINDOWS\system32\spoolsv.exe[1828] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  341. .text C:\WINDOWS\system32\spoolsv.exe[1828] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  342. .text C:\WINDOWS\system32\spoolsv.exe[1828] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  343. .text C:\WINDOWS\system32\spoolsv.exe[1828] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  344. .text C:\WINDOWS\system32\spoolsv.exe[1828] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  345. .text C:\WINDOWS\system32\spoolsv.exe[1828] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  346. .text C:\WINDOWS\system32\spoolsv.exe[1828] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  347. .text C:\WINDOWS\system32\spoolsv.exe[1828] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  348. .text C:\WINDOWS\system32\spoolsv.exe[1828] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  349. .text C:\WINDOWS\system32\svchost.exe[2280] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  350. .text C:\WINDOWS\system32\svchost.exe[2280] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  351. .text C:\WINDOWS\system32\svchost.exe[2280] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  352. .text C:\WINDOWS\system32\svchost.exe[2280] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  353. .text C:\WINDOWS\system32\svchost.exe[2280] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  354. .text C:\WINDOWS\system32\svchost.exe[2280] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  355. .text C:\WINDOWS\system32\svchost.exe[2280] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  356. .text C:\WINDOWS\system32\svchost.exe[2280] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  357. .text C:\WINDOWS\system32\svchost.exe[2280] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  358. .text C:\WINDOWS\system32\svchost.exe[2280] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  359. .text C:\WINDOWS\system32\svchost.exe[2280] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  360. .text C:\WINDOWS\system32\svchost.exe[2280] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  361. .text C:\WINDOWS\system32\svchost.exe[2280] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  362. .text C:\WINDOWS\system32\svchost.exe[2280] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  363. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 0085D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  364. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [F5, 83]
  365. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 0086BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  366. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 0086B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  367. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00867DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  368. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 0085D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  369. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00864F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  370. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00865AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  371. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 00863A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  372. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 00864390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  373. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 00868BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  374. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 00868990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  375. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 00869CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  376. .text C:\Program Files\COMODO\System Cleaner\Cleaner_Validator.exe[2332] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 00869BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  377. .text C:\Program Files\Prevx\prevx.exe[2356] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  378. .text C:\Program Files\Prevx\prevx.exe[2356] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  379. .text C:\Program Files\Prevx\prevx.exe[2356] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  380. .text C:\Program Files\Prevx\prevx.exe[2356] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  381. .text C:\Program Files\Prevx\prevx.exe[2356] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  382. .text C:\Program Files\Prevx\prevx.exe[2356] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  383. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  384. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  385. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  386. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  387. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  388. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  389. .text C:\WINDOWS\system32\nvsvc32.exe[2412] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  390. .text C:\WINDOWS\system32\nvsvc32.exe[2412] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  391. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  392. .text C:\WINDOWS\system32\nvsvc32.exe[2412] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  393. .text C:\WINDOWS\system32\nvsvc32.exe[2412] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  394. .text C:\WINDOWS\system32\nvsvc32.exe[2412] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  395. .text C:\WINDOWS\system32\nvsvc32.exe[2412] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  396. .text C:\WINDOWS\system32\nvsvc32.exe[2412] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  397. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  398. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  399. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  400. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  401. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  402. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  403. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  404. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  405. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
  406. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  407. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  408. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  409. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  410. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  411. .text C:\WINDOWS\system32\SearchIndexer.exe[2604] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  412. .text C:\WINDOWS\System32\alg.exe[2756] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  413. .text C:\WINDOWS\System32\alg.exe[2756] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  414. .text C:\WINDOWS\System32\alg.exe[2756] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  415. .text C:\WINDOWS\System32\alg.exe[2756] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  416. .text C:\WINDOWS\System32\alg.exe[2756] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  417. .text C:\WINDOWS\System32\alg.exe[2756] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  418. .text C:\WINDOWS\System32\alg.exe[2756] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  419. .text C:\WINDOWS\System32\alg.exe[2756] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  420. .text C:\WINDOWS\System32\alg.exe[2756] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  421. .text C:\WINDOWS\System32\alg.exe[2756] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  422. .text C:\WINDOWS\System32\alg.exe[2756] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  423. .text C:\WINDOWS\System32\alg.exe[2756] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  424. .text C:\WINDOWS\System32\alg.exe[2756] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  425. .text C:\WINDOWS\System32\alg.exe[2756] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  426. .text C:\Program Files\Prevx\prevx.exe[3880] ntdll.dll!NtClose 7C90CFEE 2 Bytes JMP 1001D080 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  427. .text C:\Program Files\Prevx\prevx.exe[3880] ntdll.dll!NtClose + 3 7C90CFF1 2 Bytes [71, 93] {JNO 0xffffffffffffff95}
  428. .text C:\Program Files\Prevx\prevx.exe[3880] ntdll.dll!NtReplyWaitReceivePort 7C90DA8E 5 Bytes JMP 1002BB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  429. .text C:\Program Files\Prevx\prevx.exe[3880] ntdll.dll!NtReplyWaitReceivePortEx 7C90DA9E 5 Bytes JMP 1002B860 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  430. .text C:\Program Files\Prevx\prevx.exe[3880] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10027DF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  431. .text C:\Program Files\Prevx\prevx.exe[3880] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 1001D1A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  432. .text C:\Program Files\Prevx\prevx.exe[3880] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10024F30 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  433. .text C:\Program Files\Prevx\prevx.exe[3880] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10025AC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  434. .text C:\Program Files\Prevx\prevx.exe[3880] ADVAPI32.dll!CreateProcessAsUserW 77DDA8A9 5 Bytes JMP 10023A60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  435. .text C:\Program Files\Prevx\prevx.exe[3880] ADVAPI32.dll!CreateProcessAsUserA 77E00CE8 5 Bytes JMP 10024390 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  436. .text C:\Program Files\Prevx\prevx.exe[3880] GDI32.dll!DeleteDC 77F16E5F 5 Bytes JMP 10028BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  437. .text C:\Program Files\Prevx\prevx.exe[3880] GDI32.dll!GetPixel 77F1B74C 5 Bytes JMP 10028990 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  438. .text C:\Program Files\Prevx\prevx.exe[3880] GDI32.dll!CreateDCA 77F1B7D2 5 Bytes JMP 10029CC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  439. .text C:\Program Files\Prevx\prevx.exe[3880] GDI32.dll!CreateDCW 77F1BE38 5 Bytes JMP 10029BC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)
  440.  
  441. ---- Kernel IAT/EAT - GMER 1.0.15 ----
  442.  
  443. IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F743A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  444. IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F743A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  445. IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F743A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  446. IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F743A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  447. IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F743A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  448. IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F743A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  449. IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F743A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  450. IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F743A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  451. IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F743A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  452. IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F743A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  453. IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F743A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  454. IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F743A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  455. IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F743A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  456. IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F743A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  457. IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F743A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  458. IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F743A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  459. IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F743A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  460. IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F743A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  461. IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F743A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  462. IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F743A7F0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  463. IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F743A7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  464. IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F743A820] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  465. IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F743A750] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
  466.  
  467. ---- Devices - GMER 1.0.15 ----
  468.  
  469. AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
  470. AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
  471. AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
  472. AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
  473. AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
  474.  
  475. ---- Files - GMER 1.0.15 ----
  476.  
  477. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\11904BEF-2685-4E5D-A37C-475AC8959270.data 231227392 bytes
  478. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\11904BEF-2685-4E5D-A37C-475AC8959270.data.info 116 bytes
  479. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\347CF654-305C-435D-85B8-86337D718473.data 298270496 bytes
  480. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\347CF654-305C-435D-85B8-86337D718473.data.info 162 bytes
  481. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\8BB14EC0-C0F3-46D1-BDF4-F1B3FD9E0FDB.data 210890752 bytes
  482. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\8BB14EC0-C0F3-46D1-BDF4-F1B3FD9E0FDB.data.info 148 bytes
  483. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp 0 bytes
  484. File C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\baseupd 0 bytes
  485.  
  486. ---- EOF - GMER 1.0.15 ----
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!